STS

STS overview and attacks

sts:GetFederationToken

Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a user.
A Python script leveraging Boto3 called aws_consoler can automatically generate AWS console credentials.
This works even if the user does not have console access configured!

aws_consoler

2024-03-09 14:46:03,754 [aws_consoler.logic] WARNING: Creds still permanent, creating federated session.
https://signin.aws.amazon.com/federation?Action=login&Issuer=consoler.local&Destina
[snip]

PreviousSNS Topic NextTools

Last updated 1 month ago