Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Scenario 4: Exfiltrate EC2 role credentials using IMDSv2 with least privileged access does not print the secret key and access key #23

Open
gvoden opened this issue Aug 17, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@gvoden
Copy link

gvoden commented Aug 17, 2024

Describe the bug

after the scenario finishes it is supposed to print out the secret key, access key and session token but that does not actually happen. I only get the instance profile of the EC2 instance assumed role

Expected behavior

the leaked credentials are supposed to be printed in the output at the end of scenario

Current behavior

it says data.txt not found and the jq commands fail

Possible solution

not sure, it could be something to do with file permissions

Steps to reproduce

deploy the scenario and let it finish running

Screenshots

Context

Your Environment

the environment you experienced the bug in -->

Ubuntu desktop

@gvoden gvoden added the bug Something isn't working label Aug 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant