cloudtrail__csv_injection via send-ssh-keys

[jkotrady]

Hello, I discovered that using send-ssh-keys via AWS, as documented here one can send anything to the AWS. AWS has some verification that given string is or is not public ssh key, but it do not have this verification for Cloudtrail. I discovered, that if you send whatever (even AAAAAAAAAA) via send-ssh-keys API/CLI, it will be logged in cloudtrail (whatever you will send there, will be logged 1 to 1). We can use this to create new testing scenario, similar to cloudtrail__csv_injection, or others.

AWS do not consider this as a security problem, therefor, lets add this as feature.

It is in a request field of cloudtrails logs, :

{"instanceld": "i-0.....7", "instanceOSUser": "ec2-user", "sSHPublicKey":
"Aа0Aa1Aa2Aа3Aa4Aа5Aa6Aa7Aa8Аa9Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8Ab9Aс0Aс1Ac2Ac3Aс4Ac5Ac6Ac7Ac8Ac9Ad0Ad1Ad2Ad3Ad4Ad5Ad6Ad7Ad8Ad9Ae0Ae1Ae2Ae3Ae .... 

[DaveYesland]

This seems like a good idea to add to the module. Is this something you were interested in making a pull request for?