While performing a black-box penetration test, you gain a shell inside a Docker container that is running on an Amazon EC2 instance configured to require Instance Metadata Service v2 (IMDSv2). You want to download the temporary security credentials attached to the instance's IAM role. What sequence of HTTP calls will successfully retrieve the credentials from IMDSv2?
Run the command "aws sts get-session-token" inside the container; the AWS CLI will automatically harvest the instance credentials even when IMDSv2 is enforced.
With IMDSv2, metadata access is a two-step, session-oriented process. First, you must request a session token by sending an HTTP PUT request to http://169.254.169.254/latest/api/token and include the header X-aws-ec2-metadata-token-ttl-seconds (for example, 21600). IMDS returns the token in the response body. Next, supply that token in the header X-aws-ec2-metadata-token when issuing an HTTP GET request to the full credentials path http://169.254.169.254/latest/meta-data/iam/security-credentials/. A prior GET to …/security-credentials/ (with the token) can reveal the actual . Direct unauthenticated GETs fail, the AWS CLI cannot bypass the token requirement from inside an un-credentialed container, and Azure's metadata endpoint is unrelated to AWS.
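The exchange described above, as an added example that is not part of the original page: a loopback mock of the IMDSv2 token workflow, with a client that shows the token-less GET being refused and the PUT-then-GET sequence succeeding. The mock server, the role name `example-role`, the placeholder credential values and the names `MockIMDSv2`, `call` and `demo` are all assumptions made for illustration.

```python
import http.client, json, secrets, threading
from http.server import BaseHTTPRequestHandler, HTTPServer

CREDS = "/latest/meta-data/iam/security-credentials/"
TTL_HDR, TOKEN_HDR = "X-aws-ec2-metadata-token-ttl-seconds", "X-aws-ec2-metadata-token"
ROLE = "example-role"  # constructed role name
FAKE = {"Code": "Success", "AccessKeyId": "CONSTRUCTED-KEY-ID", "SecretAccessKey": "CONSTRUCTED-SECRET"}
TOKENS = set()  # session tokens issued by the mock (TTL expiry is not modelled)

class MockIMDSv2(BaseHTTPRequestHandler):
    log_message = lambda self, *args: None  # silence per-request logging
    def _send(self, code, body=""):
        data = body.encode()
        self.send_response(code)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)
    def do_PUT(self):  # step 1: issue a session token, TTL header required
        if self.path != "/latest/api/token" or not self.headers.get(TTL_HDR, "").isdigit():
            return self._send(400)
        token = secrets.token_urlsafe(32)
        TOKENS.add(token)
        self._send(200, token)
    def do_GET(self):  # step 2: every metadata read must carry a valid token
        if self.headers.get(TOKEN_HDR) not in TOKENS:
            return self._send(401)
        if self.path == CREDS:
            return self._send(200, ROLE)
        if self.path == CREDS + ROLE:
            return self._send(200, json.dumps(FAKE))
        self._send(404)

def call(port, method, path, headers=None):
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request(method, path, headers=headers or {})
    resp = conn.getresponse()  # HTTP/1.0 reply: connection closes after the read
    return resp.status, resp.read().decode()

def demo():
    server = HTTPServer(("127.0.0.1", 0), MockIMDSv2)  # loopback, ephemeral port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_port
    denied, _ = call(port, "GET", CREDS)  # IMDSv1-style GET without a token
    _, token = call(port, "PUT", "/latest/api/token", {TTL_HDR: "21600"})
    hdr = {TOKEN_HDR: token}
    _, role = call(port, "GET", CREDS, hdr)  # lists the attached role name
    status, body = call(port, "GET", CREDS + role, hdr)
    server.shutdown()
    server.server_close()
    return denied, role, status, json.loads(body)
```

`demo()` returns the status of the token-less GET, the role name, and the status and parsed body of the final credentials request.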
Certified Ethical Hacker (CEH)
Cloud Computing