Is serverless insecure? Let's find out..aws
Posted: Sat Aug 18, 2018 10:27 pm
Is serverless insecure? Let's find out..
"This is a simple AWS lambda function that does a straight exec. Essentially giving you a shell directly in my AWS infrastructure to just run your commands. A security teams worst nightmare.
Do whatever you want. Ultimate goal: take over the account, escalate privs or find some sensitive info."
http://www.lambdashell.com/
"This is a simple AWS lambda function that does a straight exec. Essentially giving you a shell directly in my AWS infrastructure to just run your commands. A security teams worst nightmare.
Do whatever you want. Ultimate goal: take over the account, escalate privs or find some sensitive info."
http://www.lambdashell.com/