Discussion

Ridam Darji

Breaking cloud. Building defense

May 13

The AWS Autopsy | Case #02 — IAM Privilege Escalation - Uber

How One IAM Misconfiguration Gave an 18-Year-Old Full AWS Access at Uber Series: The AWS Autopsy — Real Cloud Breaches, Dissected Difficulty: Intermediate Lab Time: ~30 minutes AWS Cost: Near zero (IA

theawsautopsy.hashnode.dev12 min read

Responses(1)

RD

Ridam Darji

Breaking cloud. Building defense

May 14

Editor's Note: A reader correctly pointed out that no public source confirms Uber's exact IAM policy configuration. The lab demonstrates the documented IAM PrivEsc vector that becomes exploitable once AWS admin keys are obtained, not a Uber-specific claim.

Recent in Forum

J
I built GitGo
13h ago
S
The Reason Developers Are Going For Web App Marketplaces
10h ago
C
Hi, I'm Chirag Bhatia
13h ago
M
Why Most AI-Built Apps Never Make It to Production
14h ago
V
One thing surprised me while researching AI app builders.
114h ago

View all threads

Search Hashnode

The AWS Autopsy | Case #02 — IAM Privilege Escalation - Uber

Responses(1)

Recent in Forum