Merge pull request #175 from TheToddLuci0/add_credential_process

carlospolop · web-flow · commit 9f72e3af9260 · 2025-04-07T03:04:24.000+02:00
Add `credential_process` info
diff --git a/src/pentesting-cloud/aws-security/aws-basic-information/README.md b/src/pentesting-cloud/aws-security/aws-basic-information/README.md
@@ -397,6 +397,26 @@ aws --profile acc2 ...
 
 If you are looking for something **similar** to this but for the **browser** you can check the **extension** [**AWS Extend Switch Roles**](https://chrome.google.com/webstore/detail/aws-extend-switch-roles/jpmkfafbacpgapdghgdpembnojdlgkdl?hl=en).
 
+#### Automating temporary credentials
+
+If you are exploiting an application which generates temporary credentials, it can be tedious updating them in your terminal every few minutes when they expire. This can be fixed using a `credential_process` directive in the config file. For example, if you have some vulnerable webapp, you could do:
+
+```toml
+[victim]
+credential_process = curl -d 'PAYLOAD' https://some-site.com
+```
+
+Note that credentials _must_ be returned to STDOUT in the following format:
+```json
+{
+  "Version": 1,
+  "AccessKeyId": "an AWS access key",
+  "SecretAccessKey": "your AWS secret access key",
+  "SessionToken": "the AWS session token for temporary credentials", 
+  "Expiration": "ISO8601 timestamp when the credentials expire"
+}  
+```
+
 ## References
 
 - [https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html)
