Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Not Picking up Instance Profile On EC2 #624

Open
jamcg opened this issue Feb 3, 2025 · 0 comments
Open

Not Picking up Instance Profile On EC2 #624

jamcg opened this issue Feb 3, 2025 · 0 comments
Assignees
@christophetd

Comments

@jamcg
Copy link

jamcg commented Feb 3, 2025

What is not working?
Hi, I am attempting to use stratus with an EC2 instance profile attached to an EC2 instance. However, stratus cannot pickup the role to authenticate. Am I missing a step to get this working?

I have created an EC2 instance with an IAM Instance Profile attached. The IAM Role is assigned AdministratorAccess.

What OS are you using?
Ubuntu 24.04.1 LTS

What is your Stratus Red Team version?

$ stratus version
2.20.0

Full output?

$ echo $AWS_REGION
us-east-1

$ aws sts get-caller-identity
{
    "UserId": "AROA3YTM4ZYMMFLQEHNEW:i-026f7a8e338d2b987",
    "Account": "808xxxxxxxxx",
    "Arn": "arn:aws:sts::808xxxxxxxxx:assumed-role/ec2-role-7gfgwjph/i-026f7a8e338d2b987"
}

$ aws ec2 describe-account-attributes
{
    "AccountAttributes": [
        {
            "AttributeName": "supported-platforms",
            "AttributeValues": [
                {
                    "AttributeValue": "VPC"
                }
            ]
        },
        {
            "AttributeName": "vpc-max-security-groups-per-interface",
            "AttributeValues": [
                {
                    "AttributeValue": "5"
                }
            ]
        },
        {
            "AttributeName": "max-elastic-ips",
            "AttributeValues": [
                {
                    "AttributeValue": "5"
                }
            ]
        },
        {
            "AttributeName": "max-instances",
            "AttributeValues": [
                {
                    "AttributeValue": "20"
                }
            ]
        },
        {
            "AttributeName": "vpc-max-elastic-ips",
            "AttributeValues": [
                {
                    "AttributeValue": "5"
                }
            ]
        },
        {
            "AttributeName": "default-vpc",
            "AttributeValues": [
                {
                    "AttributeValue": "vpc-8567f7f8"
                }
            ]
        }
    ]
}

$ stratus detonate aws.persistence.iam-backdoor-role
2025/02/03 12:59:24 Checking your authentication against AWS
2025/02/03 12:59:24 you are not authenticated against AWS, *or* you have not set your region.

Troubleshooting:
1. Are you authenticated against AWS?
2. Do you have a region or default region set (whether in your AWS configuration file or in your environment)? If not, run 'export AWS_REGION=xxx'
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@christophetd christophetd

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@christophetd @jamcg