This is a security demo about SSRF on AWS
Step 1) Check the availability of these cars
Fiat
Ford
Audi
check if available
latest
Step 2) Find the vulnerability
Step 3) Run the attacker links
Attack 1:
check localhost
(it should fail)
Attack 2:
check if this is an AWS environment
(this should work)
(explanation)
Attack 3:
check if a role is attached to this AWS entity
(this should work)
Attack 4:
steal AWS credentials for this role
(this should work)