Amazon Web Services (AWS) is a growing cloud technology provider that many companies use to help house their data. Originating from Seattle, Washington in late 2006, AWS is steadily becoming the most prominent service provider. Due to its usability and its user-friendly interfaces, AWS is used by over 800,000 companies and makes up 65% or more of the cloud infrastructure space. Some of its better-known services, such as S3, Lambda, and EC2 will be frequently talked about through this book and are services that are commonly used in the real world.
This chapter is going to go over the basics of AWS and will walk through setting up an AWS account. It's important that we learn the basics of getting our AWS account configured and ready so that there isn't any additional housekeeping needed after setting up an account. After setting up an account, we'll walk through and set up a few EC2 instances with various flavors of operating systems, and look at vulnerable services within those operating systems. It's encouraged that, after completing the chapter, you look at building out more EC2 instances with other operating systems for your environment.
In this chapter, we'll explore AWS through the following topics:
- Exploring Amazon Web Services
- Understanding the testing environment
- Configuring the environment
- Exploring vulnerable services
- Attacking vulnerabilities
- The AWS Command Line Interface
To follow along with the instructions in this chapter, you will need the following:
- A browser of your choice (Chrome, Firefox, Edge)
- PuTTY: https://www.chiark.greenend.org.uk/~sgtatham/putty/ (installation steps are covered in the Connecting with PuTTY section).
Check out the following video to see the Code in Action: https://bit.ly/3kPrVkh
Exploring Amazon Web Services (AWS)
AWS is a cloud service provided by Seattle tech company, Amazon. AWS's comprehensive and easy-to-use setup makes it very attractive to small start-ups and large corporations. It works by allowing companies and businesses to set up their infrastructure off-premises and within the physical resources of Amazon. This type of service, called Infrastructure as a Service, delivers cloud computing as a whole service. You will see more of how easy it is to automate and build in AWS as we set up our lab throughout this book. However, you'll also notice some issues that may commonly be overlooked, such as security.
AWS doesn't take full responsibility for companies' data and security. In fact, Amazon has put out a shared responsibility model that ensures that both parties understand their rights and responsibilities in terms of customers' data. After all, Amazon is a company that is known as customer-obsessed.
AWS security and...
Understanding our testing environment
It's essential to understand all the systems we are going to be deploying and their use in this book. Building a lab benefits security research because it allows you to perform the same tactics and techniques that real hackers would execute, without having to worry about breaking any laws. For our lab, we will be setting up various hosts that mimic real-life systems that you would see incorporated into businesses. The only difference is we will be using some much older versions of software and operating systems. The purpose of using older systems is because they typically are much more vulnerable than their up-to-date, newer versions, making learning pentesting much easier – and fun!
We want to ensure that we learn a little bit of everything, so we will be using both Windows- and Unix-based operating systems. These systems are built drastically differently but are systems that you will face in real-life pentesting situations....
Configuring your environment
Configuring your environment is the most important task of this book. Without it, you won't have anything to test your skills! Building out an environment will teach you how to configure instances, add resources to them, and connect to them.
Setting up an account
- Please open a browser of your choice and go to the AWS home page located at https://aws.amazon.com/.
You will be greeted with a landing page and will see a button titled Create a Free Account. Simply click on Create a Free Account to get started with creating your profile:
- After clicking the button, you'll see how to create an AWS account. Fill out the information accordingly. If you use a student email address, you can get access to extra goodies:
- Once the form's filled out, click Continue and you&apos...
Exploring vulnerable services
Vulnerable services can be the Achilles heel of a system if left unpatched. What this means is vulnerabilities, if left unpatched, leave a severe weakness in companies' systems that can allow malicious hackers to gain access. A vulnerability is classed as an issue in a system that, if not fixed, could cause large issues if it were to become an attack vector. Vulnerabilities come in many variants and can come in the form of outdated operating systems, open ports, unauthorized access, and many more. To fix known vulnerabilities and protect systems from attacks, patches and updates have to be installed accordingly. Doing so helps remediate most of the major problems you will see.
Discovering vulnerable services
- Ensure that you have a list of targets. Targets are categorized as hosts – we can think of EC2 instances...
Attacking vulnerabilities is one of the more interesting aspects of cybersecurity. It's one thing to discover and patch an issue that you may have discovered, but actually getting to attack it takes your skills to another level! Attacking vulnerabilities is what sets penetration testing apart from other security careers. While most security positions only discover and remediate, pentesting attacks and exploits discovered issues. Doing so sheds light on how real a system's security posture may or may not be. One of the more popular tools you will hear about is called Metasploit.
A popular tool in the pentesting community is a framework known as Metasploit Framework. Also known as Metasploit, the automated software comes preinstalled on Kali Linux with exploits and payloads that can be configured and launched at vulnerable hosts. It also comes with exploits applicable to all flavors of operating systems, and payloads of...
The AWS Command Line Interface (CLI)
The AWS CLI is a great command-line tool that allows you to interface with AWS technology such as S3 buckets, interacting with EC2 instances and others. We will start to see actual use cases of implementing the AWS CLI in more depth in Chapter 4, Exploiting S3 Buckets. The AWS CLI is a great way to learn and get comfortable with using a terminal-like interface because it allows you to interact with everything in your AWS environment. For pentesting, it's always good to be comfortable with using a command line and/or a terminal because you never know when a GUI just won't do the trick. Imagine being in the middle of a penetration test and your tool interface freezes, or the frontend of an application throws an error and ceases to work. This is where understanding the command line proves to be beneficial.
Installing the AWS CLI
In this chapter, we learned how to create an AWS account that will allow us to set up an environment for us to create a host and pentest it later throughout the book. It is essential that we understand how to make labs within AWS, mainly due to it being the sole way we will be performing testing in this book, and how you would in a real-life situation. We learned what an EC2 instance is and how to set up an instance with various operating systems, helping us understand the importance of the various operating systems that we would see in a real-world pentesting situation. We learned about setting up vulnerable services within our host and what vulnerabilities entail regarding pentesting and AWS security. Lastly, we learned how to quickly set up the AWS CLI for us to interact with our AWS resources.
- You can find the files for the AWS CLI here: https://github.com/aws/aws-cli
- More information about AWS Educate: https://aws.amazon.com/about-aws/whats-new/2015/05/aws-educate-students-and-educators-can-access-aws-technology-cloud-courses-training-and-collaboration-tools/
- The PuTTY user guide can be found here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html
- More information on S3: https://docs.aws.amazon.com/cli/latest/reference/s3/
- More information on Metasploit: https://www.metasploit.com/