Exploitation

Work in Progress

Local Privilege Escalation: User Data
Escalate privileges on an EC2 instance by modifying the user-data scripts with modify-instance-attribute.
Local Privilege Escalation: User Data 2
Escalate privileges on an EC2 instance by modifying scripts and packages called by user data.
Steal EC2 Metadata Credentials via SSRF
Old faithful; How to steal IAM Role credentials via the EC2 Metadata service via SSRF.
Steal IAM Credentials and Event Data from Lambda
Leverage file read and SSRF vulnerabilities to steam IAM credentials and event data from Lambda.