Introduction
IMDSv2 added a lot of addition security to help prevent SSRF attacks and other attacks targeting the meta-data and temporary access keys within. But exactly how secure is it?
IMDSv2 Challenge – Bypass the meta-data controls to obtain the temporary access keys, which you can then use to find the flag.
This is a “hard” challenge, give it your best go here: https://pentesting.cloud/challenge/a-token-of-gratitude/