Infrastructure as Remote Code Execution: How to abuse Terraform to elevate access

Presented at Kernelcon 2023, April 15, 2023, 10:30 a.m. (60 minutes)

This talk will focus on ways to abuse the use of Terraform to elevate privileges, expose data, and gain further footholds in environments from a developer's perspective. We'll cover the common uses of Terraform and how a malicious actor could abuse Terraform and even bypass security controls to execute unapproved code. This talk will include multiple demos of ways to exploit Terraform cloud.

Presenters:

• Michael McCabe - MCM Consultants
  Michael McCabe is the president of Cloud Security Partners. Michael helps clients migrate their workloads to the cloud in a secure and managed way. He's worked with large financials during their cloud migrations and transformations. He focuses on creating secure, sane, and organized solutions for his clients.

Similar Presentations:

• ToorCon: Seattle 2008 / URI Use and Abuse
• BSidesSF 2022 Rescheduled / Attacking and Defending Infrastructure with Terraform: How we got admin across cloud environments
• DEF CON 29 (2021) / Abusing SAST tools! When scanners do more than just scanning