This blog post is the fourth in a series about hacking AWS Lambda functions. It demonstrates how a simple file upload feature connected to Amazon S3 can fully compromise AWS credentials and services. The article explores an OS command injection vulnerability via S3 bucket events, showing how attackers can extract AWS credentials from Lambda environments. It highlights the severe impact of compromised cloud service permissions, particularly with AWS Simple Email Service (SES). The post provides a detailed walkthrough of exploiting the vulnerability, including creating malicious file names and using Python code injection. It also discusses AWS Lambda runtimes and their security implications. The article concludes by examining how Amazon Inspector can detect such vulnerabilities and emphasizes the importance of regular security audits and vulnerability scanning in preventing these types of attacks.