
Event Injections: Sending Evil to the Cloud

BSides CT · 2019 · 53:14 · 45 views · Published 2019-11 · Watch on YouTube

About this talk
Serverless architectures introduce new attack surface through cloud events. This talk examines Event Injection, the number one risk in the OWASP Serverless Top 10, and demonstrates practical injection attacks across multiple event types, including API gateways, file uploads (cloud storage triggers), and authentication triggers.
Original YouTube description

Thanks to the BSides CT organizers, volunteers, sponsors, and attendees. Thank you Irongeek for coming out to film, and his video crew volunteers Greg Jurman, Spencer Smalley, Steven Swabby and Daniel Robels. http://www.irongeek.com/ https://www.bsidesct.org/ Serverless applications have seen a significant rise in adoption in the past year. Along with its advantages, serverless architecture presents new security challenges. Some of these security threats are equal to those we know from traditional application development, and some take a new form. One particular example is injection attacks. Yes, SQL/NoSQL, OS and code injection attacks all still exist. But when dealing with a monolithic application we only have one way in. What happens when we move to serverless architecture and we lose the perimeter? Code is no longer executed directly, but is executed through cloud events, whether it's a file upload, an email sent, a notification received or a simple log entry. In this talk, I will examine the Serverless #1 risk, Event Injection, and will demonstrate injection attacks from multiple event types. In the past year, Tal has been experimenting in offensive and defensive security for serverless technology, as part of his role as Head of Security Research at Protego Labs. Specializing in AppSec, he has more than 15 years of experience in security research and vulnerability assessment, previously working for leading security organizations such as Synack, AppSec Labs, Check Point, and RSA. Tal is also the leader and creator of the OWASP Serverless Top 10 and DVSA projects.

Transcript (en)

[Applause] All right everyone, you can take your seats, we're about to get started with the next talk.

All right, and I'm sorry, we don't have a second mic, it went upstairs to the second track, so I guess I'll have to yell, which is no problem. Raise your hand in the back if you can hear me. Awesome, thank you. So I'd like to introduce our next speaker. His name is Tal Melamed and he's speaking on Event Injection: Sending Evil to the Cloud. Thank you, take it away.

Thanks a lot. Hi everyone, thanks for coming. Just checking, can you hear me well? All right. So a few questions: how many of you here heard my talk last year? Okay, okay, I just want to know how much stuff I can't repeat. Joking. Yeah, so my name is Tal,

I'm originally from Israel. I live here in New Haven, Connecticut; this is the second year for me, not looking forward to the winter, okay, it's been tough. So again, thanks for coming. This talk is going to be fairly technical, and another thing I would like to tell you is that if any of you attended DEF CON and saw my talk there, it's going to be pretty similar. If not, you're welcome to stay. Now that we've established that, okay, just a word for the new guys here. I want to thank Brian again for his keynote, it was great, and I just want to tell

you that from my personal experience, what he said is exactly right. I remember three years ago, yeah, September three years ago, was my first talk at a local event, an OWASP local event in Israel. The first time I was nervous, and I liked it, and after that I started, of course, with some other local BSides and OWASP meetings, and now, three years after, I'm giving these talks around this topic at Black Hat, RSA, DerbyCon. And I just want to tell you guys that are starting out now: don't be afraid, go and try, and if you like it I'm sure you can grow and do great stuff. All right,

so I'm working in a start-up based in Israel called Protego Labs. What we do is we provide a serverless security solution; if you like it, after the talk you're more than welcome to come and catch up with me. So here are my details if you want to find me on LinkedIn or Twitter or whatever. I'm also teaching at Quinnipiac University in Hamden, Connecticut, at a master's program there; it's 100 percent online, so if you want a master's in cybersecurity, also come talk to me after this talk. All right, we covered what we needed. Now what we're going to talk about is just a little bit about the technology itself, because

serverless is quite new, so I'm going to just introduce you to the technology, and then we're going to have the fun part, where I do a lot of damage in the cloud, mostly AWS, but it could be any cloud provider. And I'll introduce you to some work that you can work with, or get to know, to practice yourself, and then, if we have some time, some Q&A. All right, so basically what we know today is that most companies or organizations, even the governments, most governments and secret services, everyone is going to the cloud. So pretty much the cloud now is the new OS for us; we don't need to take care

of all the infrastructure; we don't have to do all the heavy lifting of building and connecting stuff, we can just use resources that are ready and secure and good to go. And in serverless, the idea is that it was meant for developers: basically it gives them the power to just go ahead, develop features, develop the logic of the application, and not think about servers and how they have to manage them and configure them, so this is all taken away. Also, in serverless technology everything scales up automatically, so it's transparent. It doesn't matter if your application hits 1,000 requests per second or 10 requests per week; it automatically scales up and down by the cloud provider. Also, a very

good thing is the pricing model: you don't pay for what you don't use. So even if you want to build something and you're not sure anyone is going to use it, you can just build it, just go ahead and write code in the cloud, and if no one uses it, or if it's being used very lightly, you don't pay for anything. So basically you just pay for what you use. We even have some customers that have internal IT or automation services that barely run, like once a day, like a nightly build or whatever; they don't pay for that even though it runs

in the cloud and they use a lot of services; they pay something that seems insignificant, like under a dollar. And also you get the availability and resiliency of the cloud, so whenever you deploy something, it is populated in AWS's or the cloud provider's data centers across the regions that you have, so you have all the power of the cloud. Okay, what are the security challenges? I chose four, which will make the hacker's life easier, or give them the opportunity. So the first one, on the top left, is that in serverless you have to give a specific permission or policy for each of the functions that

you build. So think about it, it's very, very good in AppSec: if you can take every 10 or 100 lines of code and tell them, oh, this function, which always writes to the database, can only write to the database, and only the database, and you don't have to make sure that it's enforced, it's enforced by the cloud, you just have to choose the right policy. But the problem is that AWS, for example, has more than 5,000 different actions that you can choose from. So yeah, you can do it for one or two functions, three, four maybe, if you are doing it for yourself, but if you're a bigger organization, and we have

customers with thousands of functions, how do you do that? It's very difficult, and they end up not doing it right. What actually happens is that the developer goes to Stack Overflow, copy-pastes the first example, it works, and they stay with it, and this is what will eventually lead to some damage in the cloud in case of an attack. Also, top right, but it's your left, okay, so top left: in serverless we lose the perimeter. So in the traditional monolithic application we usually have just one way in; it doesn't matter what protocol, usually HTTP or HTTPS, but it can be anything, TCP or IoT-related traffic, but it's usually just one way

into the DMZ, to the load balancer, to the firewall, whatever you have there, and you put all your security controls in that place. So you monitor, you could put firewalls, DLPs or whatever you want, and everything that comes in and goes out is being scanned or checked. Sometimes we're lucky, sometimes less, but we have some security control, that barrier, to check that. And we're going to lose that now, because in serverless the technology really is an event-driven architecture which runs code based on events that happen in the cloud: it could be a file upload, a file download, a change in a database, an IoT device connected, whatever you can think of, an email was sent, and so on and so on.

And the problem for the developers, for the organization, is that there are quite a lot of resources that they have to connect together and make sure that they have the entire security, access control and everything configured right. And it's kind of a problem, because it's not one server that you can just deploy, make sure it does the right things, maybe put some things before they hit the server. No, it's different resources, unconnected, that you somehow put arrows between, connect the dots, and you have to make sure the security stays, and it updates a lot, so it's very hard to keep up. Sorry, okay. So I like to

think about the regular traditional application as the football field, yeah, the New England team here: they have to defend against the incoming attack, and you always have the line of scrimmage, and the internal network is always ten feet away. You know what you're protecting, and you put all your security controls in line against the incoming attack, so most of the time the attack is being prevented. Sometimes it's very agile and jumps on top of your defense, but it barely happens. But in serverless you pretty much lose all of that, because you don't have an internal network. Well, you might have a

private network for yourself, but you don't own it, I mean you cannot put controls there, it's not yours, it's the cloud. And you don't know where the attack is going to come from, because, well, it could be an email; how do you protect that? So in this talk I'm going to show you different types of injection attacks, or it's going to be the same injection attack, but over different areas and events that happen in the cloud. Sorry, we're good, remove the logo there. So just so you understand how it actually works: when your code needs to run, the cloud provider, which

could be any of the big ones, GCP or Google, IBM, Microsoft, AWS, spins up a container. So this container is out of your control, really; it's not like you can connect to the container or decide what's going to be there. No, it's not your container; the container is randomly spun up for your code and runs the code that you decided you want to run for this event. So what actually happens is that the container itself is a read-only environment apart from the /tmp directory. Whatever you want to process, you're going to do it in the /tmp directory, because it's the only place that you can write stuff or process stuff

into. So from an attacker's perspective, this is a nice place to look at, right? Okay, the event triggers from different event sources: it could be an email, a log, an API gateway, MQTT, which is an IoT protocol, a file that was changed, an authentication service, and so on. And the source code that you wrote for this specific function is going to be stored under /var/task, or linked to it under /proc/<process ID>/cwd, so your source code also resides in the container; this is also a nice place to look at if you're an attacker. Another important and interesting thing, depending on what side

of the attack you are on: the environment variables are located in the environment, they are built in there, and you can call them with env, and process.env. And what happens is that when this container spins up, the cloud provider takes the policy, or the permissions, that you gave the function and translates it into a temporary token, and this token is valid for a couple of minutes, it depends, it could be even for a couple of hours, and it's going to reside inside environment variables. So if someone can access the environment variables, they can actually impersonate the function. So if I somehow gain access to the container or to the function with an

injection, code injection, command injection, whatever I have, and I can steal the environment variables, I can run from my own computer at home with the same permissions that the function has, and I can do whatever the function can. Okay, so just so we understand how the policy works, before we move on to see how things go bad if you do it wrong, I have this very short function. What it does: it's the code of a function that is triggered via S3. S3 is cloud storage for files, or a blob if you're on Azure, and the trigger, the file upload, file download, whatever, file delete, triggers a function.

Now, this function, all it knows is that it got an event, literally a variable called event, from the cloud, and then you can do whatever you want with this event variable argument. You don't control anything else, but inside the event argument you're going to find the Records and the s3, and you can get the bucket name under bucket.name, and the file key, which is called key, under object.key. So now that I have the bucket and the key, what I can do is call an API, an AWS API in this case, which is called GetObject, and all I have to do is give this API the bucket name and

the key name. Now, if my function has permission to do so, it can go and grab the file. Okay, so the best way would be to do something like that: the policy for the function will be very limited and will tell the function, well, you can only do s3:GetObject, which is what I actually do, but you can also only do that on this specific bucket, which is what you want to do if you're a developer. But most of the time it winds up like this, which means, well, you're limited to the bucket, because I know what bucket I'm working on, I mean from the developer perspective, but I'm not

sure, if I want to download the file, what it is translated to in terms of API, in terms of actions in the policy, so I'm going to put a wildcard here, which means that in this case the function can do whatever it wants inside the S3 bucket: so it can actually delete the bucket, create, change policies there, upload files, delete files, download, whatever you want. But in some cases we're going to get something like that, which is where it really gets interesting, because if you go to Stack Overflow, or even in some cases to the documentation of the cloud provider, you're going to find this permission, which tells you, well, we don't

know what you want, or we don't know what bucket you want, so let's just put that and give the function permission to do whatever it wants over the S3 service, which means not only can it do whatever it wants in terms of actions, like delete, upload and so on, it can do that on any bucket in the account. So my function, even though it always gets the same event from the same S3, and originally, in the valid case, it will go to the specific bucket that I'm working with and download the file, potentially it can do whatever it wants: it can go to a

different bucket that is unrelated to the application and stores even internal information, and get information out of there, change the policy of the bucket and make it public so everyone will see it. So this can end up in a really very serious breach in your organization, and I mean, if you do it and something like that happens, you're fired, for sure, it could even be legal actions against you, it depends how you did it. Okay, so after we established all the grounds, what we're going to do now is I'm going to go and start taking services that are available in the cloud and are not very common in traditional monolithic applications, and see how

through these events I can still cause damage using injection attacks. So I hope you know injection attacks; it's not limited to a specific injection, it can be code injection, command injection, SQL injection, whatever injection you want, anything that transfers bad input into the cloud. All right, the first one is going to be maybe the most similar to the traditional application, to start with. So what I have here is a setup that has a Slack chatbot that interacts with the user; it could be support, sales, whatever you want to use your chat for. It's very common to use chatbots on serverless, because

whenever someone sends an email you can just trigger code that will run, process whatever you need, and that's it; you don't have to keep a VM running idle the entire time. So what's going to happen is that the user interacts with Slack; Slack is configured to send the event to a Lambda function, through the Slack API to the API Gateway of the organization, and then it's going to trigger the Lambda function, which is the function that runs the code, which is going to write the message and the reply to the DynamoDB database, it's a NoSQL database, for records, and then it's going to go back and send the response back to the user.

Okay, there are no limitations there, you can do whatever you want in terms of inputs, and we're going to target the Slack channel. All right, let's see how we do that. So as I said, I presented those demos at DEF CON, so you're going to see some background related to that event. So here I have the channel that I'm interacting with; it's just a chatbot that has some machine learning, or actually a lot of ifs, or actually not so many ifs, just like five, and I'm going to interact with it. And as we know, in the security world it's not like we know what's going on behind the scenes, so we have to do some trial and error and find

out if it's vulnerable. So let's say I figured it out, and there are ways to know that, maybe from GitHub, maybe from, again, trial and error, seeing source code or whatever, maybe internal knowledge. Let's say I found out that this function has a specific library that is vulnerable to command or code injection. Now that I know this vulnerability, or the libraries that the function is using, I went to the internet, Google, and found some nice exploits there. So basically it's a prepared exploit, only I modified it a little bit to attack a Lambda function rather than a server, because, think about it, there is no server where I'm standing; my code is not going to live in the server,

it's just going to run inside a read-only container, which is a single-purpose container, and it's going to die right after I send the request. But nevertheless, I'm going to try. So what I'm going to do is run a child process that executes, so with Node, which is a very common back end or runtime for Lambda functions, I'm going to start a child process and run curl. I just split it up so Slack would not translate it into a link, and then you can see I got it here, you can barely see, but I got it here on my computer. This is just an HTTP tunnel to my own computer, so I can receive requests from the internet without

having to have a static IP address. So now I did the test, it worked. Now I want to get some information, so what I'm going to do is change the command there to another command, which is ls, just because I want to know what's inside, and you can see that I got index.js. You can name it whatever you want, but that's the default name for the handler, or the file, the original file that receives the event. So now I want this file; even though it doesn't reside on a server, it still gives me a lot of information, because I know what the function is going to do. So I'm going to send and

replace this now with cat index.js. Just in order for me to get that through HTTP, I'm going to wrap it up with base64, right, because I want to be able to send newlines and CRLFs to my computer. And I got the base64 into my computer, and I'm just going to copy that now and decode it on my computer: echo <base64> | base64 --decode, that's it. What I have now there is the source code of the function; it's now on my computer, I can investigate what I want and see what happens. So the first thing that I notice is that the function interacts with Slack, which I knew

already, but now I know how, or what code it uses to interact with Slack, and I can imitate that. We'll see in a second how I can use that. If you can see here, I also noticed some environment variables called token and channel, so I can use those; even though I don't know them yet, I can get them, but I can just use them as is. But what I'm going to show you now, the most important part, is that, as you can see here, there is a var dynamodb = new AWS.DynamoDB, and one line above is AWS = require('aws-sdk'), so the function

uses the AWS SDK, which also resides automatically in the environment, and it uses dynamodb, which is the variable name for using the DynamoDB service. One line beneath that, you can see dynamodb.putItem, which is what the function is doing: it's taking my conversation, or my message, and the response that was generated for me, and as you can see, username, timestamp, message, response, and writes it into the DynamoDB database using the PutItem API here. But we already saw that the developer wasn't really a security person and put some wildcards in there. So what I'm going to do now is prepare a specific exploit that

will take all this information that I got, and let me take you through it; it's not very complicated. I'm going to do a require, because I'm not sure exactly where in the code I'm going to land, whether it was already imported or not, and then I'm going to do a var http, so I can send an HTTP request, and I'm going to do a var new DynamoDB DocumentClient .scan. The difference between scan and putItem is that putItem is what it needs to be doing, to write into the database, and scan basically scans the entire database and gives the output of the entire database out. And then I don't need to

use the tunnel anymore, because the function can interact with Slack, right? So I'm going to make it even nicer for me, and I'm going to use the same environment variables that the function is using, and I'm going to send an HTTP request to the Slack API; again, all the information is already there. So when I sent that, you can see that I got the entire database dumped into my Slack channel here, and all of that, and I also changed the icon just for fun. But again, this happens only for me; it's not like it's going to be persistent and anyone else is going to have it. It just ran once and that's it, the code died, but for me it's

enough, I got the entire database, or a part of it maybe; the function is limited, most of the time they are limited to 5 seconds, and I cannot scan the entire database, so I can do it in chunks, but I got the entire database here, and that was just because the developer put a wildcard in the function's actions. Okay, so we saw how we can do it through an API, which was really a third-party application; it's very common in serverless, it's not uncommon in regular applications. Now we're going to slowly get into things that are more serverless-specific, or specific to serverless environments. So the second part is going to be

cloud storage. So what's going to happen here is that I'm going to upload a file into cloud storage: the application wants me to upload a file, and it takes the file and uploads it to cloud storage through some JavaScript in the client, and that triggers a function to process my file upload. So what I'm going to do, and to get to do that, I'm actually going to use a very secure, like a normally secured, environment, where I get a signed link to my specific bucket, which I can use for two minutes only, to upload a specific file that I requested previously. So it sounds secure; it is, it's not the problem. The problem is that the function

that is going to process that, one, has too many permissions, and two, is not validating anything, and I can just put some injections, command injections, in the file name. So the process is that I'm going to call an API Gateway and then get a signed link from the Lambda function, and then I'm going to upload it directly to an S3 bucket, so not going through an API Gateway, and this is going to be triggering a function, and I'm going to target this part. So everything on the left is not important for me, and there are some limitations; basically, I don't know why they did that, but the only limitation is putting a slash in the file name, and that's only because it's

going to put you inside, like split it into a directory, so it's going to maybe interfere with your payload; it's not like it's unacceptable. So let's see how we do that.

Okay, so this is, I'll introduce you later, this is a vulnerable application that is written entirely on serverless. So this is an application like any e-commerce site, but you can see there is also a leave-a-feedback here, so I can send feedback to the website and I can also attach files. Now I open the developer tools, and you can see that when I uploaded a file, or selected a file, I got an attachment; this is what I'm sending, an attachment, and I got a response which is a signed link to a specific bucket in the cloud, which is configured securely. I mean, the bucket is not public; I cannot upload it

directly to the bucket; I have this signed link, and this is the entire thing I can use. But the function that is going to be triggered is not doing enough. So what's going to happen is that I'm going to now do the same thing, only I'm going to change the file name to something that will do a curl, as we can see, and this is going to be a curl to my computer that is going to send me the environment variables, which we discussed, piped through base64, that's it. And it's supposed to be a PDF, so for that reason I can just put a .pdf at the end. Okay, let's see. So I uploaded, I got a

signed link, and when I click send feedback, it's going to actually upload it to the S3 bucket in a secure way, but it triggers the function, and the function wasn't secure, so I got the base64. And now what I'm going to do is, again, decode that base64 and get the environment variables. These are the environment variables of every Lambda function, unless you add some of your own, but these are the default ones, and if you can see here, there are some interesting parts. So what I'm doing now is, I can use the environment variables, but what I'm doing actually is I'm writing the credentials under the default

location for AWS credentials on my computer, so whenever you run an AWS CLI command, it goes to that location and tries to find a profile. I'll call the profile DEF CON, because it was a different conference, and I only need some of them, which is the default region, I don't even have to use it, but I use it for less confusion, the session token, the access key and the secret key. These are the things that live in the environment variables. I stored that, and now I don't need the application anymore; from this moment on I can interact with the cloud, or with the account of the cloud of this

the cloud account of this application, directly from my own computer using this profile. And what the application, or what the organization, is going to see is that their function is doing some weird stuff; they're not going to know it's me, I'm using the environment variables of the function, so I'm basically the function. And now I can use the AWS CLI, which is provided by AWS, of course, and what I'm going to do is an s3 ls, and ls is just listing the entire S3 buckets, and you can see I got the entire list of S3 buckets, some of them interesting, some of them less. I don't know what permissions I have; I can just

try; there are tools that let you try just running AWS commands and see what you can get. So I want a specific one, which is the DVSA receipts bucket, and I'm going to use the profile, and I'm going to see there is a folder inside. So I'm going to get inside the folder, and there is another folder, and another folder, which is basically the date, and you can see that there are two files there. So now I want to get a specific file, for which I'm going to use a different CLI command, which is get-object, we saw that before. I'm going to give it the bucket and the key that I need, which is the full path to the file, and now I'm

going to download it into my /tmp/receipt file, and I actually got a file from the S3 bucket, from a secured bucket, just because I had the environment variables of a function that has permissions to interact with it, and you can see that I got someone else's receipt. Now what I'm going to do is, maybe, whatever I have the permissions to do; now I don't need to go through the application, so I'm going to make a fake receipt, upload it into the same cloud, because now I can do that, and then call the support service and say I placed an order and didn't get anything, and then they're going to see the receipt and they're going to send it to me, of course.

This is just an example of a small thing that I did, but actually I could delete the entire data they have in the account, so this is something more problematic, or maybe they have a backup, so I can just publish it and be famous. All right, so we did that, and now we're going to use an authentication service to cause an injection attack. So again, all the examples here are AWS, just because they basically rule the market, and I agree with that, actually, their solution is best. So I forgot to mention, it's a disclaimer: it's not AWS's problem here, right? Everything that I show is because someone misconfigured

their code and someone wrote bad code. So all the problems that you're going to see here are not a problem of the provider of the infrastructure, but I'm going to maybe target the difficulties, or the struggles, that the developers in the organization have, to cause some damage through, maybe, and this is what we get from our customers and people that I talk to, unsuspected origins. So someone is not used to the thought that maybe they can get hacked through an email or an authentication service, because they also lived a long time in the traditional application, and they're expecting requests and responses from an API. Okay, so in this scenario, what I'm going to do is use Cognito, which is an

authentication service, a directory, of AWS. And what happens here is that when I log into the application, it automatically routes me through the Cognito service to get a token, and then I'm going to get into the application using this token. But for some reasons, and this is an actual reason, I mean, it's a good reason also, when I authenticate, the organization wants to run code to verify my user, my email if I'm registering; it could be to put some additional information inside my token. You can have Cognito trigger code that will put some information from the database for the specific user, and they will sign it for you inside the token, so you don't have to go to the database

later on because it's already in the token so there are a lot of services where you can hook an authentication service with a lambda function and run code during the process of authentication so and we're gonna target okay so the limitation so Cognito verifies all the verifies emails and phone numbers and they have limitations of how they look because emails should be emails and phone numbers should be phone numbers but they also allow you to if you want to have custom types and have types like usernames that are not the actual maybe serve it or the optional type that is your gonna they're gonna validate but you can still use it for your authentication so I'm gonna sorry so I'm

gonna target the authentication request to kognito and maybe you're not maybe but basically get some damage done in the cloud it's already open all right so this is the authentication service you can custom it if you want if you're a developer and this is the admin right just log in as an administrator I have access to the admin section and I can list all the orders in the application it's for just for reference now I'm going to create a new user which is an on main user so I'm just gonna register here and then I'm gonna get a code to confirm my authentication service and I can log in and now that I'm trying to

access the admin, I'm not authorized. All right, it's not client-side, it's also server-side; so here I try to get the admin by force and nothing came up, just to show you that you are unauthorized now.

So I've prepared, so again, by trial and error I found out that this functionality is vulnerable, and we'll see soon how. I prepared a payload that is very hard to see, and yeah, let's see, I hope. So basically what I'm doing here, it's an Ubuntu, so I don't know how to zoom in right now, so basically what I'm doing is calling some AWS SDK that is going to send an email, sorry, all right, not send an email, this is the next one. This one is to set me as an admin user; let's see if I marked it: AdminSetUserPassword, and then I'm going to change the password for the administrator. This is an API that has to exist. And also, just for myself, I'm going to put myself in the administrator group. This is also open source, everything; the bucket is open, so you can either come to me or look at the video later, go to the bucket and download the payload so you can see for yourself. Basically this is what I'm going to do: change the password for the administrator, and myself to an admin. And this is a command that I'm just not doing now. All I'm doing right now is I'm wrapping this payload, and then I'm going to put it on a remote host and just upload it; I have all the libraries that I need to use.

And now let's go to the attack. So I'm going to register again: "domain does not exist", I just put a typo in the domain. This is actually how I found out that it's vulnerable, because I got "domain does not exist", so they actually verify, someone verifies my domain. So wait, before registering, I have my helper, and I'm going to put a username which has the payload to go and fetch the exploit that I had. So it's going to do some cd, cd to get inside the /tmp directory, because I cannot use slashes, and then I'm going to download the payload from the remote host, and then I'm going to untar it into the /tmp directory, and then I'm going to run, I don't know if you can see that, but it says here python, sorry, python space y.py, which is a file. And then I sent myself some notifications along the way to see that things are actually happening. OK, so I got "you are..." and then "admin password changed". And let's see, so now I'm going to log back in. I don't know, I'm nervous that it works

it's just, it's recorded. So now I logged in with my regular user, joking, and I got all the admin information. OK, I changed myself when I moved to a group that is called administrator. And now, which is the nicest part in this case, I don't know, because maybe, I don't know what the group means, I'm going to log in with the password that I set for the administrator. And now I logged in with a different password, which is one that I set. Now, this API exists; you just need to be very careful with what you're doing, but sometimes you need some admin capabilities in the cloud. Because you're an administrator, giving the function permissions to do that without reviewing, without checking that, or making sure that you're doing it correctly, or manually, that becomes a problem.

All right, we have 15 more minutes and I'm going to show you the last example, well, because I have them. OK, so the next one is email. Let's keep it short and just go to the video. All right, so I have a call for papers and I'm going to submit a paper here, a regular innocent submission, and I'm going to get an auto-reply because there is a Lambda function behind, I don't have to tell you again, that tells me, well, thank you for your submission, we got it and we'll be in touch. Now what I'm going to do is send them a regular malware, a PDF, a regular malware, like it's my everyday, I'm doing that regularly while we're here. So I'm sending a malware, it's just a PDF with malware. Here it's not an injection attack, it just gets some information out of that. And I actually got the response that says, hey, hold up, we found a malware inside your, it's not an actual, right, but we found a malicious submission, you can click here to review your submission. This actually works because I built it, but I mean, what happened, this is why I thought maybe they run some code behind the scenes to check some stuff.

And then I prepared a payload that does two things. One is going to send an email from the organization, and I'm going to send it to myself just to see that it works, but I couldn't actually send it to anyone. But again, I always do two things, one is nice and one is very nice, and the nicer part is that I'm going to take the bucket, which is highly secured, with all the submissions, and I'll show you, and change the policy of the bucket to be open, just because someone configured the bucket extremely well but someone else configured the function very badly. So I can turn the secure bucket into an insecure bucket from a different, maybe a different developer, not maybe, probably going to be a different developer, in some cases could be a different application entirely, so they might not even know each other. And again I'm going to wrap that up and upload it to a remote host, and then through email I prepare a submission which is, again, going out into the slash directory, curl-ing the exploit that I prepared, untar it, and then run python x.py, and I did the pound key there to make the rest of it a comment.

So now I'm going to upload it. And first I'm going to show you the bucket is secured, so I don't have access to it even though I know the address. And now I'm going to submit my malicious file name, or submission with the malicious file, and again I sent myself some notifications so I'll see that things happen: "phishing email", "bucket hijacked". OK, so first of all I got two responses. The first one is, OK, thank you, we got your submission. The second one is the one that I submitted from the origins of the organization, and they say, thank you for your submission, you have been selected, and click here, phishing.com, to get your honorarium for your application. They're probably going to ask for my bank, you can do whatever. But as you can see, I also changed the permissions of the bucket that holds the entire submissions to be public, and I can now, well, I can now see the entire files, I can even download them if I want. And again, this is fun because it's submissions, but it could be more severe things that happen.

And because we're lacking time, I'm not going to show you, I did it also with Alexa voice commands, so you can actually do injections with voice commands; you can look it up on the internet. I actually, basically, I said "Alexa, please hack now", yeah, now I'm joking, but I did something like, I give it the information, or the ID, or the account ID, and then I said or true

or, and you can pipe commands, and then it can cause SQL injection if the developer wasn't smart enough, you know, security. You can do it with logs, with code, and basically you can do it with a lot of stuff.

So two things that I'm going to mention. One is that I started the OWASP Serverless Top 10, which is, again, open source; you can go and take a look, read the report, we have a first report, and you can participate. And the second part, also open source, you can download the Damn Vulnerable Serverless Application and you can practice for yourself. It's open source; if you have an AWS account you can just go to the repository and do three clicks to get it installed, no configuration, zero configuration, you have it up and running. This is recorded, so I know I said it and it's recorded: don't install it on anyone's production account, because you'll get fired, if not go to prison. It's just a bunch of resources that are vulnerable, to do whatever they want in the account, so don't do that. Thank you very much for attending this talk. [Applause]

Just in time for questions, two minutes for questions. Yeah? Sorry, oh, the repository, it's recorded, but OK, you know, github.com/OWASP/DVSA, or I didn't put it here, you can just look it up. OK, any other questions? Yeah? OK, so first of all it's very difficult to even know that there is a Lambda function behind, or another cloud's function. There are some ways to know; they usually involve headers, but this is only if it's an HTTP request and you can see the headers. If it's an email there is no way to know, you can just try. So if you suspect the function or an application is built on serverless, you have to know some payloads that will target functions and try them, like you would do in regular applications. All right.
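An added example, not code from the talk or from DVSA, of the kind of Cognito trigger the authentication demo above targets. Cognito checks the format of the email and phone-number attributes but not of a username, so the payload rides in the username; what the trigger does with it is this example's assumption, chosen to match what the speaker observed: it resolves the email's domain by shelling out (the source of the "domain does not exist" error) and echoes the username on the same shell line. The vulnerable handler and its hardened form are shown side by side. The `lookup` parameter, the `make_event` helper and the sample events are constructed, and `echo` stands in for the DNS tool so it runs offline.

```python
"""Cognito PreSignUp trigger with an OS command injection, and its hardened form.

Added example, not code from the talk or from DVSA. The event shape follows the
documented PreSignUp trigger (event["userName"], event["request"]["userAttributes"],
event["response"]["autoConfirmUser"]); shelling out to check the e-mail domain and
echoing the username on the same shell line is an assumption that mirrors the demo.
"""
import logging
import re
import subprocess

# Username policy and hostname syntax enforced by the hardened trigger (assumptions).
USERNAME_RE = re.compile(r"[A-Za-z0-9._-]{1,128}")
DOMAIN_RE = re.compile(
    r"(?=.{1,253}$)(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}"
)


def make_event(username, email):
    """Constructed PreSignUp event for a sign-up with the given attributes."""
    return {
        "triggerSource": "PreSignUp_SignUp",
        "userName": username,
        "request": {"userAttributes": {"email": email}},
        "response": {},
    }


def email_domain(event):
    """Part after the last '@'. Cognito already enforced e-mail syntax on this."""
    local, at, domain = event["request"]["userAttributes"]["email"].rpartition("@")
    if not at or not local or not domain:
        raise ValueError("malformed email")
    return domain


def vulnerable_pre_signup(event, lookup="host -t MX"):
    """The pattern the demo exploits: user-controlled text inside a shell string.

    The e-mail passed Cognito's format check but the username did not, so the
    payload goes there. Returns the command output (a real trigger returns event).
    """
    cmd = f"{lookup} {email_domain(event)} && echo signup:{event['userName']}"
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=10)
    if proc.returncode != 0:
        raise ValueError("domain does not exist")
    event["response"]["autoConfirmUser"] = False
    return proc.stdout


def hardened_pre_signup(event, lookup=("host", "-t", "MX")):
    """Same check without a shell: validate both attributes, pass argv as a list."""
    username = event["userName"]
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("invalid username")
    domain = email_domain(event)
    if not DOMAIN_RE.fullmatch(domain):
        raise ValueError("invalid domain")
    # argv list: the domain is exactly one argument and /bin/sh never parses it.
    proc = subprocess.run([*lookup, domain], capture_output=True, text=True, timeout=10)
    if proc.returncode != 0:
        raise ValueError("domain does not exist")
    logging.getLogger(__name__).info("signup %s", username)  # logged, not shelled
    event["response"]["autoConfirmUser"] = False
    return proc.stdout


if __name__ == "__main__":
    # Offline run: 'echo' stands in for the DNS lookup tool. The payload mimics the
    # talk's (commands chained with ';', trailing '#' comments out the rest).
    payload = "bob; echo INJECTED #"
    print(vulnerable_pre_signup(make_event(payload, "bob@example.com"), lookup="echo MX"))
    try:
        hardened_pre_signup(make_event(payload, "bob@example.com"), lookup=("echo", "MX"))
    except ValueError as exc:
        print("hardened trigger rejected the payload:", exc)
```

In the hardened form the payload never reaches a shell at all: the username fails the allowlist before any process is spawned, and even a domain that slipped through the regex would be handed to the lookup tool as a single argv element. Note the trailing `#` in the payload, the same trick the speaker used to comment out whatever the function appends after the injected text.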
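Both demos end the same way: the injected payload calls AdminSetUserPassword and AdminAddUserToGroup, or PutBucketPolicy and SendEmail, with the function's own credentials, so the execution role decides how far an injection reaches. Added example, not the talk's or DVSA's code: a small audit of a role's policy document, run over a constructed over-privileged policy like the one those functions must have had, and over a least-privilege policy for the call-for-papers intake function. The ARNs, bucket and identity names and the risky-action lists are this example's assumptions.

```python
"""Audit a Lambda execution-role policy for grants an injected payload can abuse.

Added example, not the talk's or DVSA's code. Policy documents, ARNs, bucket and
identity names are constructed; the action lists are this example's assumptions,
chosen from the calls the two demos made with the function's credentials.
"""
import re

# Grants that escalate straight to account-level damage, whatever the Resource.
ALWAYS_RISKY = {
    "cognito-idp:AdminSetUserPassword": "reset any user's password (admin takeover)",
    "cognito-idp:AdminAddUserToGroup": "add a user to the administrator group",
    "s3:PutBucketPolicy": "open a private bucket to the world",
    "s3:PutBucketAcl": "open a private bucket via its ACL",
    "s3:DeleteBucket": "delete the data outright",
}
# Grants a function may legitimately need; risky only when unscoped (Resource "*").
RISKY_IF_UNSCOPED = {
    "ses:SendEmail": "send mail as the organization (phishing)",
    "ses:SendRawEmail": "send mail as the organization with arbitrary headers",
    "s3:GetObject": "read every object the role can reach",
    "s3:DeleteObject": "delete objects in any bucket",
}


def iam_action_matches(pattern, action):
    """IAM action matching: case-insensitive, '*' and '?' are the only wildcards."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, action, re.IGNORECASE) is not None


def _as_list(value):
    return value if isinstance(value, list) else [value]


def audit_role_policy(policy):
    """Return (action, reason) pairs for risky Allow grants, in document order."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never grant anything
        if "NotAction" in stmt:
            findings.append(("NotAction", "Allow with NotAction grants everything not listed"))
            continue
        resources = _as_list(stmt.get("Resource", "*"))
        unscoped = "*" in resources and "Condition" not in stmt
        for pattern in _as_list(stmt.get("Action", [])):
            for action, why in ALWAYS_RISKY.items():
                if iam_action_matches(pattern, action):
                    findings.append((action, f"{why}; granted by '{pattern}'"))
            if unscoped:
                for action, why in RISKY_IF_UNSCOPED.items():
                    if iam_action_matches(pattern, action):
                        findings.append((action, f"{why}; granted by '{pattern}' on Resource '*'"))
    return findings


# Constructed: the kind of role the demo functions must have had to let the
# payload reset the admin password, open the bucket and send the phishing mail.
OVERPRIVILEGED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "cognito-idp:*", "Resource": "*"},
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["ses:SendEmail", "ses:SendRawEmail"], "Resource": "*"},
        {"Effect": "Allow", "Action": ["logs:CreateLogGroup", "logs:CreateLogStream",
                                       "logs:PutLogEvents"], "Resource": "*"},
    ],
}

# Constructed: what the call-for-papers intake function actually needs.
LEAST_PRIVILEGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::cfp-submissions/incoming/*"},
        {"Effect": "Allow", "Action": "ses:SendEmail",
         "Resource": "arn:aws:ses:us-east-1:123456789012:identity/cfp.example.org",
         "Condition": {"StringEquals": {"ses:FromAddress": "cfp@cfp.example.org"}}},
        {"Effect": "Allow", "Action": ["logs:CreateLogGroup", "logs:CreateLogStream",
                                       "logs:PutLogEvents"],
         "Resource": "arn:aws:logs:us-east-1:123456789012:log-group:/aws/lambda/cfp-intake:*"},
    ],
}

if __name__ == "__main__":
    for name, doc in (("over-privileged", OVERPRIVILEGED_POLICY),
                      ("least-privilege", LEAST_PRIVILEGE_POLICY)):
        findings = audit_role_policy(doc)
        print(f"{name}: {len(findings)} finding(s)")
        for action, why in findings:
            print(f"  {action}: {why}")
```

Least privilege does not remove the injection; with the second policy the same payload can still read and write the one prefix and send mail from the one address the function is allowed to use. What it removes is the jump the speaker made from one badly written function to a different team's bucket and to the administrator account, which is why the role review belongs next to the input validation, not instead of it.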