Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console | Datadog Security Labs
Tags
attack-pattern: Data Credential Stuffing - T1110.004 Multi-Factor Authentication - T1556.006 Python - T1059.006 Denial Of Service
Show in Graph
Common Information
Type Value
UUID 84955013-042f-4c4b-b77b-5801b47cf3e8
Fingerprint 3100ec0a0e5225d5
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 6, 2023, midnight
Added to db Aug. 13, 2023, 9:50 a.m.
Last updated Nov. 17, 2024, 12:57 p.m.
Headline Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console
Title Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console | Datadog Security Labs
Detected Hints/Tags/Attributes 27/1/15
Source URLs
Redirection Url
Details Source https://securitylabs.datadoghq.com/articles/aws-console-rate-limit-bypass/
URL Provider
Details Provider Source level domain
Details datadoghq.com securitylabs.datadoghq.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 230 Datadog Security Labs https://securitylabs.datadoghq.com/rss/feed.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 11 
console.aws.amazon.com
Details Domain 5 
signin.aws.amazon.com
Details Domain 2 
us-east-1.console.aws.amazon.com
Details Domain 98 
requests.post
Details Domain 1 
bruteforce.py
Details Domain 4 
signin.amazonaws.com
Details File 1 
requests.url
Details File 72 
response.json
Details File 1 
bruteforce.py
Details File 4 
500-worst-passwords.txt
Details Url 2 
https://signin.aws.amazon.com
Details Url 1 
https://us-east-1.console.aws.amazon.com/console
Details Url 1 
https://us-east-1.console.aws.amazon.com/console?code
Details Url 1 
https://console.aws.amazon.com/console/home
Details Url 1 
https://signin.aws.amazon.com/authenticate