Pwning AWS Lambdas & GCP Cloud Functions
Is persistence on serverless even possible?! Pwning AWS Lambdas & GCP Cloud Functions
Serverless computing is not only a popular option in the cloud environments, but also a suggested method for creating a lot of things! Did you even think about how it works under the hood? Is serverless really server-less? How execution environment works? Is persistence even possible in this event-driven compute service? I won’t be lying - Remote Code Executions are rare, but what if there is one in your function? I will show how to use it to acquire persistency and exfiltrate more data than function role gives. Let’s discover: How the infrastructure in serverless works. Why persistence is possible in this semi-volatile environment. How to research serverless environment using pseudo shell over HTTP. How can we make use of an RCE vulnerability to obtain a persistence – exploitation demo will be shown! Possible mitigations. Let’s hijack the data real-time from the AWS Lambdas and GCP Cloud Functions!