From 2e66838b2728d8d03efa9312e1bc35789bd0ffaf Mon Sep 17 00:00:00 2001 From: 0x1337 <22545687+0x1347@users.noreply.github.com> Date: Tue, 28 Apr 2026 00:10:52 +0200 Subject: [PATCH] arte-veue --- .../aws-security/aws-services/aws-ecs-enum.md | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md index c7a70f46cb..758f25d74a 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md 
@@ -53,6 +53,43 @@ aws ecs describe-tasks --cluster --tasks aws ecs describe-task-definition --task-definition : ``` +### On-Host Enumeration via the ECS Agent State DB (`agent.db`) + +When you have **shell access on an ECS container instance** , or you have **escaped a container with a host bind-mount of `/var/lib/ecs`** (a common misconfiguration when tasks run privileged or with `volumesFrom` exposing the host data dir), the ECS agent leaves `agent.db` on disk that can be read **without any AWS API call**, **without any IAM permission**, and **without triggering CloudTrail**. + +``` +/var/lib/ecs/data/agent.db +``` + +(or, when reading from a container that has the host mounted at `/host`, `/host/var/lib/ecs/data/agent.db`). + +```bash +# Most useful one-liner — dumps everything readable +strings /var/lib/ecs/data/agent.db + +# From inside a container with the host mounted at /host +strings /host/var/lib/ecs/data/agent.db + +# Filter for the highest-value artefacts +strings /var/lib/ecs/data/agent.db | grep -aE 'arn:aws:|AKIA|ASIA|"secret|password|TOKEN|credentials|taskRoleArn|executionRoleArn' + +# Save the outcome from strings for offline analysis +strings /host/var/lib/ecs/data/agent.db >> /tmp/agent.txt +tr -s '{}[],:"\\' '\n' < /tmp/agent.txt | sed 's/^[[:space:]]*//; s/[[:space:]]*$//' | awk 'NF && length($0)>2 && !/^[0-9.]+$/' | sort -u +``` + +#### What you can recover + +Depending on the cluster's age and workload churn, `strings` against `agent.db` typically yields: + +- **Task and execution IAM role ARNs** (`taskRoleArn`, `executionRoleArn`) for every task the agent has run — useful targets for [credential retrieval via the task metadata endpoint](https://cloud.hacktricks.wiki/en/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html) (`169.254.170.2`). 
+- **Full task definitions** — image URIs (often private ECR repos), command, entrypoint, port mappings, mount points, log configuration, and **plaintext environment variables** that frequently include database URLs, API tokens, and third-party secrets. +- **Secrets references** — `secretOptions` and `secrets` blocks pointing at SSM Parameter Store paths and Secrets Manager ARNs (great pivot list). +- **Container instance ARN, cluster ARN, and registration token** — confirms the cluster name and account/region context with no API call. +- **ENI metadata** — private IPs, MAC addresses, subnet IDs, and security group IDs assigned in `awsvpc` mode (useful for lateral movement planning). +- **Image pull credentials** — when the task definition uses `repositoryCredentials`, the referenced Secrets Manager ARN is here; on older agents private-registry auth blobs (`ECS_ENGINE_AUTH_DATA`) may also be cached. +- **Recently-stopped task containers** — including names, IDs, exit codes and labels, sometimes long after the corresponding `aws ecs describe-tasks` call has aged them out of the API response. + ### Unauthenticated Access {{#ref}}
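Review bot: in the opening paragraph of the new section, `volumesFrom` does not expose the host data directory: in an ECS task definition `volumesFrom` mounts volumes from another container, while a host bind-mount of `/var/lib/ecs` comes from a `volumes` entry with `host.sourcePath` (plus a matching `mountPoints` entry, or `privileged: true` letting the task mount it). Suggest "(a common misconfiguration when tasks run privileged or declare a `host.sourcePath` volume over the agent data dir)". Two smaller points in the same hunk: the link on "credential retrieval via the task metadata endpoint" points back at `aws-ecs-enum.html`, i.e. the page being edited, so it should either be a `{{#ref}}` to the section that actually covers `169.254.170.2`, matching how the rest of this file links, or be dropped; and in the "Save the outcome" snippet `strings ... >> /tmp/agent.txt` appends, so a second run doubles every line before `sort -u` and anyone re-running the one-liner gets a stale mix, so `>` is the safer default. The "What you can recover" list also states several stored fields as fact (registration token, ENI metadata, cached `ECS_ENGINE_AUTH_DATA`) without pointing at the agent state schema or a sample dump; the "may also be cached" hedge suggests these were not all confirmed, so either cite where they were observed or soften to the fields the author actually saw.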