Skip to content

Is there an echo in here?

The title is a hint. Look at the CloudFormation template after running to solve the challenge. The challenge exploits an "insecure feature" within CloudFormation.

Is there an echo in here?

Average Rating: 4.7

Difficulty: Medium

Platform: AWS

Points: 10

Estimated Cost: $1

Download the zip file, then run as pentesting-admin.
Switch to pentesting-user to solve the challenge.
No cheating :) You can look at the template source code in the console, but don't look at
The flag is an md5 hash located in flag.txt in the root folder of the s3 bucket created by the challenge.

Register and Sign In to participate.