Pwned Labs - The ultimate cybersecurity training ground

Pwned Labs upskills cybersecurity professionals affordably and effectively. Explore our interactive labs that replicate real-world scenarios.

https://pwnedlabs.io/labs/pillage-exposed-rds-instances

In the backdrop of rising cybersecurity threats, with chatter on Telegram channels hinting at data dumps and Pastebin snippets exposing snippets of configurations, Huge Logistics is taking no chances. They've enlisted your team's expertise to rigorously assess their cloud infrastructure. Armed with a list of IP addresses and endpoints, a lead emerged — an RDS endpoint: exposed.cw9ow1llpfvz.eu-north-1.rds.amazonaws.com. Your mission? Dive deep into this endpoint's security, and identify any security issues before threat actors do.

1. Amazon Aurora (port 3306)

2. PostgreSQL (5432)

3. MySQL (port 3306)

4. MariaDB (port 3306)

5. Oracle Database (port 1521)

6. SQL Server (port 1433)

mac 的话，命令是：sed -i '' 's/:/\//g' mysql-creds.txt

mac sed -i '' 's/ /:/g' mysql-creds.txt

1. https://aws.amazon.com/blogs/security/detect-threats-to-your-data-stored-in-rds-databases-by-using-guardduty/ 主要介绍用 AWS 的 guardduty 日志来查看异常的数据库事件，如登录等

2. https://www.sqlservercentral.com/articles/demystifying-best-practices-and-enhancing-rds-security-with-amazon-guardduty 这篇文档到安全运营实践还是不错的，保护(AWS)数据库的最佳实践：
1. 配置安全组，防止数据库暴露在外界。确保与数据库交互的资源从同一 VPC 内连接
2. 为访问数据库的每个应用程序创建单独的用户角色，并具有最低限度的必要权限和访问权限
3. 定期轮换密钥和密码，使用临时凭证（具有有效期到 IAM 账户）执行人工操作维护任务。
4. 定期查看审计日志，以识别滥用模式

3. https://www.bleepingcomputer.com/news/security/microsoft-warns-of-brute-force-attacks-targeting-mssql-servers/ mssql 成为爆破到主要目标，并且可以通过 sqlps 工具作为 LOLBin 进行滥用