This scenario is not part of CloudGoat and was created by Cybr, which is why there is no Terraform for you to deploy in your own environment. Instead, a Cybr lab will be provided to you as part of your Cybr Membership and at no additional cost.

Introduction
============

This lab simulates an attack path where an attacker will try to access an object stored in an Amazon S3 bucket after discovering and taking advantage of an RCE vulnerability in a web application.

Even though this web app is running on an Amazon EC2 instance with IMDSv2 enabled, it is still vulnerable to this type of attack. This lab is used to demonstrate that just because you are using IMDSv2 instead of IMDSv1 does not mean that you are immune to compromise. You still need to make sure the apps you’re running on your instances (or within containers) are secure as well.

Let’s get into it!