Teri Radichel


Decoding AWS Error Messages


Sometimes you’ll get an encoded error message in the AWS console. That’s because there are potentially ways for attackers to insert code into these messages that could execute in your browser.

Great, but how do you view the message? You have to decode it. You don’t decode it with base64 or some other command-line tool, though; you use the AWS CLI and the sts decode-authorization-message command.

First, save your message to a variable like this:

msg="copy and paste the encoded message here"

Then run the sts command to decode the value like this:

aws sts decode-authorization-message --encoded-message "$msg" --output text

I still find that a bit hard to read, so I actually add some additional sed commands at the end to weed out some of the JSON formatting.

aws sts decode-authorization-message --encoded-message "$msg" --output text | sed 's/,/\n\r/g' | sed 's/{//g' | sed 's/}//g' | sed 's/"//g'

Then at least it’s a bit more readable:

Whether it’s helpful or not — you can decide for yourself :) I’m writing about this particular output in my other blog series:
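As an alternative to the sed chain, the decoded JSON can be parsed and flattened to one `path: value` line per field, which keeps values that contain commas intact and escapes control characters before they reach the terminal. This is an added example, not code from the original post; the sample message is constructed, and its field names are an assumption about the usual shape of the decoded output.

```python
import json
import sys

# Constructed sample of a decoded message (not real output); the field names
# follow the shape the decoded JSON usually has and are an assumption here.
SAMPLE = json.dumps({
    "allowed": False,
    "explicitDeny": False,
    "matchedStatements": {"items": []},
    "context": {
        "principal": {"arn": "arn:aws:iam::111122223333:user/example"},
        "action": "ec2:RunInstances",
        "resource": "arn:aws:ec2:us-east-1:111122223333:instance/*",
        "conditions": {"items": [
            {"key": "ec2:Region", "values": {"items": [{"value": "us-east-1"}]}},
            {"key": "aws:RequestTag/Name", "values": {"items": [{"value": "a,b\x1b[2J"}]}},
        ]},
    },
})


def clean(value):
    """Render a scalar for the terminal, escaping control characters."""
    text = value if isinstance(value, str) else json.dumps(value)
    return "".join(c if c.isprintable() else "\\x%02x" % ord(c) for c in text)


def flatten(node, path=""):
    """Yield (path, value) pairs for every leaf in the decoded JSON."""
    if isinstance(node, dict):
        for key, child in node.items():
            yield from flatten(child, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        if not node:
            yield path, "[]"
        for i, child in enumerate(node):
            yield from flatten(child, f"{path}[{i}]")
    else:
        yield path, clean(node)


def summarize(decoded_message):
    """Return one 'path: value' line per leaf of the decoded message."""
    return [f"{clean(p)}: {v}" for p, v in flatten(json.loads(decoded_message))]


if __name__ == "__main__":
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    print("\n".join(summarize(data)))
```

To use it on a real message, pipe the output of the `aws sts decode-authorization-message` command shown above into the script (saved under any file name) instead of into sed.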


Teri Radichel | © 2nd Sight Lab 2022
