Latest

The challenge provides Access Keys that allows for IAM enumeration that leads to a policy that has permissions for Amazon SQS. An interesting permission allows us to read messages from the queue URL which reveals the flag

The challenge provides Client Credentials that can be used to authenticate and enumerate roles which have permissions to read available workflows from Logic Apps. One of the workflows reveal another set of credentials that we can use to authenticate and enumerate API permissions of another certain app.

The challenge provides JSON credentials that can be used to authenticate and enumerate IAM Policies. The service account has policies that enable them to enumerate Storage Managers and Cloud Functions. After retrieving a a partial source code of a certain Cloud function, it was discovered that it was possible to invoke a limited access internal function by using an external function as a proxy. Thus, exfiltrating the flag

The challenge provides Access Keys that allows for IAM enumeration that leads to a Lambda permission which allows the user to access the source code of the Lambda function. Next, another crucial permission was present that allowed them to view a sensitive SSM parameter that ultimately allows for invoking the Lambda function that reveals the flag

The challenge provides Access Keys that are used to authenticate to the AWS instance and enumerate AWS IAM resources which includes users, policies, and roles