https://adicpnn.com/tags/cross-account/Recent content in Cross-Account on security ?!Hugoen-usThu, 12 Mar 2026 00:00:00 +0000https://adicpnn.com/blog/cloudfoxable/segue/Thu, 12 Mar 2026 00:00:00 +0000https://adicpnn.com/blog/cloudfoxable/segue/<!-- raw HTML omitted --> <p>You&rsquo;ve just gained access to the reinier role. Utilize cloudfox and see where it takes you!</p> <!-- raw HTML omitted --> <h3 id="information-gathering">Information Gathering</h3> <p>First things first, set up the profile, and test access.</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">adicpnn@laboratory cloud % cat ~/.aws/config <span class="p">|</span> tail </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="o">[</span>profile reinier<span class="o">]</span> </span></span><span class="line"><span class="cl"><span class="nv">region</span> <span class="o">=</span> eu-central-1 </span></span><span class="line"><span class="cl"><span class="nv">role_arn</span> <span class="o">=</span> arn:aws:iam::129323993607:role/reinier </span></span><span class="line"><span class="cl"><span class="nv">source_profile</span> <span class="o">=</span> cloudfoxable </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">adicpnn@laboratory cloud % aws sts get-caller-identity --profile reinier </span></span><span class="line"><span class="cl"><span class="o">{</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;UserId&#34;</span>: <span class="s2">&#34;AROAR4HCPRIDTDEJTABUR:botocore-session-1773311810&#34;</span>, </span></span><span class="line"><span class="cl"> <span class="s2">&#34;Account&#34;</span>: <span class="s2">&#34;129323993607&#34;</span>, </span></span><span class="line"><span class="cl"> <span class="s2">&#34;Arn&#34;</span>: <span class="s2">&#34;arn:aws:sts::129323993607:assumed-role/reinier/botocore-session-1773311810&#34;</span> </span></span><span class="line"><span class="cl"><span class="o">}</span> </span></span></code></pre></td></tr></table> </div> </div><p>Then, enumerating attached policies.</p>