Insecure Functionality Exposed in AWS
Play AWS Labs on this vulnerability with SecureFlag!
AWS has many tools and features, some of which can be useful in the right circumstances. However, it is important to understand the security implications of using these features.
Instance Metadata Service Version 1 (IDMSv1)
The Instance Metadata Service (IMDS) is a web service that provides information about the metadata of an instance to which it is attached. This information includes the instance identity document, profile credentials, and other instance attributes.
IDMSv1 is a simple request/response protocol that uses HTTP verbs and query parameters. It is designed to be used by software running on the instance to access instance metadata securely. However, if/when an attacker gains access to the instance, they can use this service to access sensitive information-gaining information such as the instance’s IAM role, which can then be used to escalate privileges.