Haziz initially got down to construct an eBPF-based real-time monitoring instrument for ECS workloads. Whereas doing so, he intercepted communication between the ECS agent and AWS backend as a part of his debugging course of, which is when he observed the undocumented WebSocket channel.
From lowly duties to privileged IAM roles
Due to the default availability of IMDS, any container (with low-level entry) on an EC2-based ECS occasion can learn the occasion function credentials meant for the ECS agent.
“No container breakout (no hostroot entry) was required – nonetheless IMDS entry was required through intelligent community and system trickery from inside the container’s personal namespace,” Haziz famous, including that accessing IMDS lets any container impersonate an ECS agent. AWS has documentation on find out how to forestall or restrict entry to IMDS.
Armed with these occasion function credentials, the attacker can forge communication over the ACS WebSocket. This permits them to intercept or request IAM credentials of different working duties, even when these duties are alleged to be remoted by IAM roles. Basically, the compromised container escalates by masquerading because the orchestrator ECS agent answerable for managing and orchestrating duties.
“The stolen keys (IAM credentials) work precisely like the true activity’s keys,” Haziz stated. “AWS CloudTrail will attribute API calls to the sufferer activity’s function, so preliminary detection is hard – it seems as if the sufferer activity is performing the actions.” This lets attackers be invisible within the logs as a result of AWS thinks the sufferer is doing every part.
