search

guardicore / monkey

Infection Monkey - An open-source adversary emulation platform
https://www.guardicore.com/infectionmonkey/
GNU General Public License v3.0
6.63k stars 775 forks source link

Not able to retrieve metadata from AWS EC2 instance #4275

Open ilija-lazoroski opened 1 month ago

ilija-lazoroski commented 1 month ago

Describe the bug

When running an Monkey Island on AWS EC2 instance we are not able to retrieve the metadata. In order to read the AWS Instance metadata we need to send a token along with the request to receive the metadata. The related code is in aws_metadata.py

More info: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html

To Reproduce

Steps to reproduce the behavior:

  1. Create AWS EC2 instance
  2. Run the Monkey Island on the instance
  3. See that the Run on AWS button is not showing
  4. Check the logs and see the following log: 
    2024-08-06 09:31:52,356 - DEBUG - connectionpool.py:473 - _make_request() - [http://ip:80](http://ip/) "GET /latest/meta-data/instance-id HTTP/1.1" 401 343
2024-08-06 09:31:52,358 - DEBUG - aws_metadata.py:31 - fetch_aws_instance_metadata() - Failed init of AWSInstance while getting metadata: 401 Client Error: Unauthorized for url: http://ip/latest/meta-data/instance-id

Expected behavior

Add a function to retrieve the token before requesting the aws metadata