SSRF To AWS Role compromise
Load a local server using one of the following commands
Use your public IP as the payload. We expect to see an HTTP request in the local server logs, in which case SSRF is confirmed.
If you suspect that a firewall or another network protection system is blocking the request, you can try to make the application retrieve a well-known file from the OS. See the for a list of common file locations for Linux and Windows.
Check current role
Get associated key
Configure new profile on local machine and gain access to AWS environment
Verify credentials
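Seen from the defending side, the last two steps leave a trace: the role's temporary keys start signing API calls from an address outside the environment. The following added example (not part of the original page) flags that pattern in CloudTrail records. It assumes the role is an EC2 instance role; the egress ranges, account ID, role name and events are constructed.

```python
import ipaddress
import re

# Assumption: the only networks the instances legitimately call AWS from
# (VPC CIDR and NAT gateway address). Constructed values.
EXPECTED_EGRESS = [ipaddress.ip_network("10.0.0.0/16"),
                   ipaddress.ip_network("198.51.100.10/32")]

# EC2 instance-role sessions are named after the instance ID.
INSTANCE_SESSION = re.compile(r":assumed-role/([^/]+)/(i-[0-9a-f]{8,17})$")

def from_expected_network(source):
    """True if the caller is one of our networks or an AWS service."""
    try:
        addr = ipaddress.ip_address(source)
    except ValueError:
        # CloudTrail records a DNS name (e.g. ec2.amazonaws.com) when an
        # AWS service makes the call on the account's behalf.
        return source.endswith(".amazonaws.com")
    return any(addr in net for net in EXPECTED_EGRESS)

def find_off_instance_use(events):
    """One finding per event where instance-role keys are used from elsewhere."""
    findings = []
    for ev in events:
        ident = ev.get("userIdentity", {})
        source = ev.get("sourceIPAddress", "")
        match = INSTANCE_SESSION.search(ident.get("arn", ""))
        if ident.get("type") != "AssumedRole" or not match:
            continue  # not an instance-role session
        if from_expected_network(source):
            continue  # call came from the instance's own network
        findings.append({"role": match.group(1), "instance": match.group(2),
                         "source": source, "event": ev.get("eventName")})
    return findings

def _event(name, source, arn, kind="AssumedRole"):
    """Build a CloudTrail record trimmed to the fields used above."""
    return {"eventName": name, "sourceIPAddress": source,
            "userIdentity": {"type": kind, "arn": arn}}

# Constructed sample records.
ARN = "arn:aws:sts::123456789012:assumed-role/web-app-role/i-0123456789abcdef0"
SAMPLE_EVENTS = [
    _event("GetObject", "10.0.4.17", ARN),             # normal, on-instance
    _event("GetCallerIdentity", "203.0.113.50", ARN),  # same keys, outside
    _event("ListBuckets", "203.0.113.50", ARN),
    _event("ListBuckets", "203.0.113.50",
           "arn:aws:iam::123456789012:user/alice", kind="IAMUser"),
]
```

Calling `find_off_instance_use(SAMPLE_EVENTS)` returns the two records signed with the instance role's keys from 203.0.113.50.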