Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/wickett/lambhack

A very vulnerable serverless application in AWS Lambda
https://github.com/wickett/lambhack

Last synced: 3 months ago
JSON representation

A very vulnerable serverless application in AWS Lambda

Host: GitHub
URL: https://github.com/wickett/lambhack
Owner: wickett
License: mit
Created: 2017-02-08T17:06:55.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2019-10-07T16:30:37.000Z (about 5 years ago)
Last Synced: 2024-07-06T00:05:22.057Z (4 months ago)
Language: Go
Homepage:
Size: 2.76 MB
Stars: 95
Watchers: 9
Forks: 27
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

Awesome-CloudSec-Labs - lambhack - hosted lab | [James Wickett](https://twitter.com/wickett) | Deploy a very vulnerable AWS lambda serverless application in your AWS account | (Sorted by Technology and Category)
awesome-sec-challenges - Lambhack - A vulnerable serverless Amazon Web Services (AWS) lambda application. (Capture The Flag / Cloud-Focused)
awesome-golang-security - Lambhack - A very vulnerable serverless application in AWS Lambda. (Hacking Playground)

README

#lambhack
A vulnerable serverless lambda application. This is certainly a bad idea to base any coding patterns of what you see here.

lambhack allows you to take advantage of our tried and true application security problems, namely arbitrary code execution, XSS, injection attacks aand more.

This first release only contains arbitrary code execution through the query string. Please feel free to contribute new vulnerabilities.

## What can you do with lambhack?

See Velocity preso > http://www.slideshare.net/wickett/serverless-security-are-you-ready-for-the-future

## Example CMDEXE

You can pass OS commands in the query string args
```
$ curl “https://XXXX.execute-api.us-east-1.amazonaws.com/prod/lambhack/c?args=uname+-a;+sleep+1"
```

Lambda container reuse in action
```
$ curl “https://XXXX.execute-api.us-east-1.amazonaws.com/prod/lambhack/c?args=ls+/tmp;+sleep+1"

$ curl “https://XXXX.execute-api.us-east-1.amazonaws.com/prod/lambhack/c?args=touch+/tmp/wickettfile;+sleep+1”

$ curl “https://XXXX.execute-api.us-east-1.amazonaws.com/prod/lambhack/args=ls+/tmp;+sleep+1"
```

## Setup

```
go get github.com/wickett/lambhack
```

In case you are new to golang, this clones the project to `$GOPATH/src/github.com/wickett/lambhack`

Now you need to setup your AWS user and local credentials. I recommend setting up creds in `.aws/credentials` and using a profile called sparta with limited perms.

## License
MIT License

## Contributing
Send in PRs

## Known Problems
* No UI!
* No XSS attacks
* No Injection attacks
* No auth attacks
* ....

Would love some help!