logo
allArticlesConferencesPresentations

More Keys Than A Piano: Finding Secrets In Publicly Exposed Ebs Volumes

Conference:  Defcon 27

2019-08-01

Summary

The presentation discusses the findings of a research project on the vulnerability of unencrypted AWS disks and the importance of remediation.
  • Unencrypted AWS disks are vulnerable to attacks that can result in the theft of sensitive information such as source code, private keys, and API tokens.
  • Remediation involves searching for public disks, taking down the snapshot, rotating credentials, and conducting a post-mortem to understand how the vulnerability occurred.
  • Anecdotes include finding source code for government contractors and large tech companies, private keys, SQL files containing personal information, WordPress backups, and VPN credentials.
  • The presentation emphasizes the importance of designing for multi-region upfront, having tests for code, and understanding the AWS butterfly effect.
  • The speaker delayed the release of their tool to coordinate with Amazon and responsibly disclose the vulnerabilities.
The speaker found SQL files containing thousands of people's personal information, including usernames, hashed passwords, email addresses, and phone numbers. These files were often left on disks by developers who borrowed data from production environments for debugging purposes but failed to properly secure the disks. This highlights the importance of proper hygiene around SQL files and the potential risks of leaving sensitive information on unencrypted disks.

Abstract

Did you know that Elastic Block Storage (Amazon EBS) has a "public" mode that makes your virtual hard disk available to anyone on the internet? Apparently hundreds of thousands of others didn't either, because they're out there exposing secrets for everyone to see. I tore apart the petabytes of data for you and have some dirty laundry to air: encryption keys, passwords, authentication tokens, PII, you name it and it's here. Whole (virtual) hard drives to live sites and apps, just sitting there for anyone to read. So much data in fact that I had to invent a custom system to process it all. There's a massive Wall of Sheep out there on the internet, and you might not have even noticed that you're on it. Actually, you should stop reading and go check that out right now.
Materials:
Slides
Tags:

Post a comment

Related work

Class Resources: Kubernetes’ Fastest Way Of Shushing Noisy Neighbors

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Peter Hunt, Markus Lehtonen
2022-10-27

Manufacturing Hardware Implants from Idea to Mass Production: A Hacker's Journey

Conference:  BlackHat EU 2020
Authors:
2020-12-09

Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs

Conference:  BlackHat USA 2019
Authors:
2019-08-07

Infiltrating Corporate Intranet Like NSA ̶Pre-auth RCE on Leading SSL VPNs

Conference:  Defcon 27
Authors:
2019-08-01

No Such Thing as a Stupid Question: Why Knowledge Shaming is Making Us Less Secure

Conference:  BlackHat USA 2021
Authors:
2021-11-11

Fuzzing Linux with Xen

Conference:  Defcon 29
Authors:
2021-08-01