0x0e.org | pentesting perspective

braindump on pentesting, QA, metasploit, constant learning

john, meet amazon. amazon, john.

These are a rough set of notes I put together when figuring out Amazon’s EC2. I’ve been using the boxes quite extensively to crack passwords. This has turned out to be a godsend for me when I’m on the road, and I need to be able to set up heavy duty machines on the fly.

To get started:

Set up an Amazon account:

Chances are you probably already have one, but if necessary you can sign up here: http://aws.amazon.com/. You can use your regular Amazon.com account to get started with EC2.

  • Take note of your key and secret key, you’ll need them in the next steps

Get & Configure ElasticFox Firefox Plugin

Though Amazon.com just released their own browser-based console to control machines, I prefer the ElasticFox plugin.

  • download latest version of elasticfox (firefox plugin)
  • open elasticfox
  • firefox -> tools -> elasticfox
  • click credentials
    • add your amazon credentials to the list
    • click okay
  • select the new account from the drop-down

Create a New Instance

  • Click the Amazon Machine Instances (AMI) and Instances tab
    • Hit the refresh button in the upper left (blue)
    • If you’re looking for a specific machine, type that in the search, and hit refresh
      • try the alestic ubuntu base (i386) machines – they’re vanilla, and rock-solid
    • right-click on the instance, say create

Selecting An Instance Type

  • Amazon images come in a few flavors:
    • M1 – memory – $0.10 / hour (default)
    • M2 – memory2 – $0.40 / hour
    • M3 – memory3 – $0.80 / hour
    • C1 – cpu1 – $0.20 / hour
    • C2 – cpu2 – $0.80 / hour

Generate a Public/Private key pair

Amazon, by default, requires key-based authentication. ElasticFox makes the management of this fairly painless, except when you’re dealing with multiple PCs. The management of these keys is important. If the key is lost, you WILL NOT be able to log into the machine created with the key.

  • if you’re on linux, the pem file will work with the default terminal (if you’re on windows, a little extra work with putty / puttygen is needed here)
    • tested on ubuntu/gnome-terminal
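Since the same .pem files end up copied between several PCs, it helps to audit them before use. The script below is an added example, not part of the original notes: it checks that each .pem file in a directory is a PEM private key and is not accessible to group or other. The function names and the sample file name are assumptions made for illustration.

```bash
#!/bin/bash
# Added example: audit EC2 key-pair .pem files before handing them to ssh.
# Function names and the demo file name are hypothetical, not from the post.

# Print the octal mode of a file (GNU stat first, BSD stat as fallback).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 if the first line is a PEM private-key header, 1 otherwise.
is_pem_private_key() {
    head -n 1 "$1" | grep -Eq '^-----BEGIN ([A-Z0-9]+ )*PRIVATE KEY-----'
}

# Return 0 only for mode 400 or 600. OpenSSH refuses to use a private key
# that group or other can access, so anything looser is flagged.
mode_is_private() {
    case "$(key_mode "$1")" in
        400|600) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_key FILE -> prints one verdict: ok, too-open, not-a-key or missing
audit_key() {
    [ -f "$1" ] || { echo missing; return 0; }
    is_pem_private_key "$1" || { echo not-a-key; return 0; }
    mode_is_private "$1" || { echo too-open; return 0; }
    echo ok
}

# audit_dir DIR -> one "verdict path" line per .pem file found in DIR
audit_dir() {
    for f in "$1"/*.pem; do
        [ -e "$f" ] || continue
        printf '%s %s\n' "$(audit_key "$f")" "$f"
    done
}

# Demo on a constructed, non-functional key file in a temporary directory.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'CONSTRUCTED-SAMPLE' > "$d/ec2-demo.pem"
    chmod 644 "$d/ec2-demo.pem"; audit_dir "$d"
    chmod 600 "$d/ec2-demo.pem"; audit_dir "$d"
    rm -rf "$d"
}
demo
```

A key reported as too-open is fixed with chmod 600 on the file.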

Configuring an Elastic IP

  • Elastic IPs can be used to give a temporary static IP to a machine
    • This can be useful in the case of connect-backs
  • Note that the machines can always be accessed by public DNS name

Setting up the box

Now for the fun part.

  • run the following:
    #!/bin/bash
    apt-get update
    apt-get upgrade
    apt-get install john
  • Copy / Paste the hash file into the terminal
  • Run john on the hash file
  • ???
  • Profit.

enjoy :).

Written by jcran

January 31, 2009 at 11:10 PM

2 Responses

  1. nice post!

    CG

    February 1, 2009 at 4:22 PM

  2. @cg — thanks man. there’s going to be more of these coming. Amazon’s official policy is that they allow scanning to / from the cloud, as long as it’s authorized (read: as long as they’re not getting complaints).

    jcran

    February 1, 2009 at 6:51 PM
