AMI not worthy? - Solution

Introduction

Hoffman was an AWS Administrator who spent most of his time staring outside the office window in downtown Frankfurt and wondering "am i not worthy?". He hated his job. His only way out was to quit and move on to a different organization that would perhaps let him spread his wings and fly into the clouds.

So, one day he moved all his sensitive information to an AMI, changed the permission to public and left, so that he could extract the contents later, from his new office across the city. He thought this would not raise any red flags, oh but he thought wrong, didn't he?

Can you find the AMI and check what was the data Hoffman was planning to steal?

Starting point

Login to your AWS account and go to EC2 to begin your search.

Your task

  1. Identify the public AMI.

  2. Read the flag from the user's home directory.

Walkthrough

  1. Login to your AWS account and navigate to EC2 > AMIs

  2. Change the region to Frankfurt

  3. Search for hoffman or appsecco. An AMI with id ami-08a7f5963863d4492 is identified.

  4. Create an EC2 instance from this AMI

  5. Use the AWS Connect button to get a AWS web shell to the instance as root

  6. Get the name and path of the home directory of the user hoffman - cat /etc/passwd

  7. Access the flag at /opt/home/flag.txt folder

PreviousRunning in the Clouds - SolutionNextA Bucket Load of Trouble - Solution

Last updated