search
LinkedInGitHubYouTube

RDS

Abusable AWS EC2 permissions that can lead to compromise or privilege escalation

hashtag
rds:ModifyDBInstance

  • With this permission, we can modify the master password of the database's master user

aws rds modify-db-instance \
    --db-instance-identifier <database-id> \
    --master-user-password 'P@$$word123!' \
    --apply-immediately
PreviousOpenID Connect (OIDC)NextS3

Last updated