Vulnerable Lambda vulnmachines walkthrough

What is Lambda in AWS?

AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code.

Let’s understand some misconfigurations which can lead to unauthorised access of sensitive resources. We have created labs regarding some of the misconfiguration, all related to different AWS services.

In this challenge, a web application uses lambda function to run code on specific events. You have to exploit vulnerability in lambda function code to retrieve the flag.

Step 1: Login to Vulnmachines

Step 2: Navigate to “Challenges >> Cloud Labs >> Serverless Application”.

Step 3: Click on “Lab Access” to navigate to lab

Step 4: Perform recon to identify URL parameters. We used the “Param Miner” Burp extension and found the “command” parameter.

Step 5: Identify different web application vulnerabilities. As the parameter name is “command”, we tried to find the command injection vulnerability as shown in the figure below.

Here you can observe different files out of which “main.py” looks interesting.

Step 6: Read “main.py” using the “cat main.py” command.

Flag: vnm{Yes_I_Got_Your_Lambda_Code}