This guide offers step-by-step instructions to create a vulnerable web server and an attacker machine on AWS, focusing on setting up a simulated SSRF environment. It covers launching EC2 instances, configuring security, deploying vulnerable code, and enabling communication between the attacker and target systems. #SSRF #AWSEC2
Keypoints
- Launch and configure an Ubuntu EC2 instance for hosting the web server with SSRF vulnerability.
- Create and attach an IAM role with full EC2 access to facilitate privilege escalation scenarios.
- Set up a Kali Linux EC2 instance to serve as the attacker machine with necessary security group rules.
- Configure security groups to allow web traffic, ping requests, and other necessary protocols.
- Verify network connectivity between attacker and target systems via ping tests and SSH connections.
Read More: https://www.hackingarticles.in/aws-penetration-testing-lab-setup/