Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
This AWS lambda function will add the source IP from a GET request to a EC2 security group. Useful for CTF's where you want to have a vulnerable AWS infra, but want to "pre-clear" players (by them accessing/curling one URL) and allow them access through a secgroup.
import json
import boto3
from botocore.exceptions import ClientError
ec2 = boto3.client('ec2')
security_group_id = "sg-..." ## add your security group ID here!
#0. Copy/paste your security group id here ^^^
#1. Create a new lambda function, name it whatever
#2. Add a lambda function target -> API Gateway -> Create a GET endpoint that points to lambda
#3. Add the source code to the lamda function
#4. Add IAM policy to role of the lambda function so it can use authorize_security_group_ingress
#5. Issuing a GET request to the GET endpoint should whitelist that CTFers IP into the secgroup for EC2.
#6. You need to test the function live, since the requestContext won't be sent from the console.
def lambda_handler(event, context):
data = ""
data = ec2.authorize_security_group_ingress(
{'IpProtocol': 'tcp',
'FromPort': 0,
'ToPort': 65535,
'IpRanges': [{'CidrIp': str(event['requestContext']['http']['sourceIp']+"/32")}]}
except ClientError as e:
return {
'statusCode': 200,
'body': "hello " + event['requestContext']['http']['sourceIp'] + " have fun!"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment