AdRoll / hologram

Easy, painless AWS credentials on developer laptops.
Apache License 2.0

Metadata available on network #95

Closed walterking closed 6 years ago

walterking commented 6 years ago

I came across https://github.com/99designs/aws-vault/issues/198; not sure if it applies, and I have nothing to test with, but someone should probably check whether this issue applies to hologram or not, as it could mean leaking credentials to anyone on the network.

walterking commented 6 years ago

I verified this: if you do arp -s 169.254.169.254 <victim mac address> then you can just curl the metadata address and steal credentials as long as you are on the same network (i.e., coffee shop).

dialtone commented 6 years ago

https://github.com/99designs/aws-vault/commit/9053ba8138ea948c75d2a0cc4ad88636ac0a9fd6

this is how they fixed it.

copumpkin commented 6 years ago

Ouch, this seems pretty bad. Can we steal that remote address check for hologram?

On May 31, 2018, at 17:45, Valentino Volonghi notifications@github.com wrote:

99designs/aws-vault@9053ba8

this is how they fixed it.


dialtone commented 6 years ago

Yeah, should be pretty easy to do

dialtone commented 6 years ago

https://github.com/AdRoll/hologram/pull/97 This should do it.
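The mitigation the thread settles on is a remote-address check: the metadata server answers only clients whose TCP peer is a loopback address, so a request that arrives from another host on the LAN (whatever path got it there) gets a 403 instead of credentials. The following is an added example of that check written as a net/http middleware; it is not hologram's own code and not the contents of PR #97, and it assumes a handler-based server and placeholder credential values. The check reads r.RemoteAddr, the actual TCP peer, rather than any client-supplied header, because headers can be set by whoever sends the request.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
)

// isLoopbackRemote reports whether a RemoteAddr string ("host:port")
// belongs to a loopback interface (127.0.0.0/8 or ::1). Anything that
// fails to parse is treated as non-loopback, so the check fails closed.
func isLoopbackRemote(remoteAddr string) bool {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		return false
	}
	ip := net.ParseIP(host)
	return ip != nil && ip.IsLoopback()
}

// loopbackOnly wraps a handler so that requests whose TCP peer is not a
// loopback address receive 403 and never reach the wrapped handler.
func loopbackOnly(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !isLoopbackRemote(r.RemoteAddr) {
			http.Error(w, "metadata endpoint is only served to local clients", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// fakeMetadata stands in for the credential endpoint. The body is a
// constructed placeholder, not a real key pair.
var fakeMetadata = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintln(w, `{"AccessKeyId":"PLACEHOLDER","SecretAccessKey":"PLACEHOLDER"}`)
})

// statusFor sends a request that claims the given RemoteAddr through the
// guarded handler and returns the HTTP status code produced.
func statusFor(remoteAddr string) int {
	req := httptest.NewRequest(http.MethodGet, "/latest/meta-data/iam/security-credentials/", nil)
	req.RemoteAddr = remoteAddr
	rec := httptest.NewRecorder()
	loopbackOnly(fakeMetadata).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("local IPv4 client:", statusFor("127.0.0.1:51234"))   // 200
	fmt.Println("local IPv6 client:", statusFor("[::1]:51234"))        // 200
	fmt.Println("LAN client       :", statusFor("192.168.1.44:51234")) // 403
}
```

A practical way to confirm the fix on a running instance is to compare a request made from the laptop itself with one made from another machine on the same network segment: the first should still return credentials, the second should return 403 and nothing else.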

BillMedernach commented 6 years ago

Tested this with the latest version of Hologram and this vulnerability is fixed.