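/**
 * Mock AWS Instance Metadata Service (IMDS)
 *
 * Simulates http://169.254.169.254/latest/meta-data/
 * Used to demonstrate SSRF impact - credential theft from cloud environments
 *
 * Fidelity notes for anyone building detections or mitigations from this demo:
 * - Every route answers a plain unauthenticated GET, which is IMDSv1 behaviour.
 *   IMDSv2 first requires a session token (PUT /latest/api/token, then the
 *   X-aws-ec2-metadata-token header on each read), which a GET-only SSRF
 *   primitive cannot supply. Requiring IMDSv2 on instances
 *   (HttpTokens=required) is the control this demo motivates.
 * - The credential values are the AWS documentation example key pair, not
 *   live secrets.
 */
import express from 'express';

const app = express();

// Loopback only: the service hands out credential-shaped data and exists
// solely as a local SSRF target, so it must not be reachable from the network.
const HOST = '127.0.0.1';
const PORT = 8888;

// Name of the fake instance role; it appears in the role listing and in the
// path of the credential document below.
const ROLE_NAME = 'vulnerable-ec2-role';
const CREDENTIALS_ROOT = '/latest/meta-data/iam/security-credentials/';

// Log all requests so the demo shows which metadata paths were reached.
app.use((req, res, next) => {
  console.log(`[METADATA] ${req.method} ${req.path}`);
  next();
});

// Simulate IAM role listing
app.get(CREDENTIALS_ROOT, (req, res) => {
  console.log('[METADATA] >>> Listing IAM roles');
  res.type('text/plain').send(ROLE_NAME);
});

// Simulate credential retrieval - THE MONEY SHOT
// This is the document an SSRF against an IMDSv1 instance would expose.
// Real role credentials from IMDS are temporary and their AccessKeyId starts
// with "ASIA"; the "AKIA" documentation example is kept here on purpose so the
// value is recognisable as a placeholder.
app.get(`${CREDENTIALS_ROOT}${ROLE_NAME}`, (req, res) => {
  console.log('[METADATA] >>> CREDENTIALS LEAKED! <<<');
  res.json({
    Code: 'Success',
    LastUpdated: '2026-01-14T10:00:00Z',
    Type: 'AWS-HMAC',
    AccessKeyId: 'AKIAIOSFODNN7EXAMPLE',
    SecretAccessKey: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
    Token: 'FwoGZXIvYXdzEBYaDKSampleSessionToken...truncated',
    Expiration: '2026-01-14T16:00:00Z',
  });
});

// Other metadata endpoints
app.get('/latest/meta-data/instance-id', (req, res) => {
  res.send('i-0123456789abcdef0');
});

app.get('/latest/meta-data/local-ipv4', (req, res) => {
  res.send('10.0.0.42');
});

app.get('/latest/meta-data/public-ipv4', (req, res) => {
  res.send('54.123.45.67');
});

// Catch-all
// NOTE(review): a bare '*' path is Express 4 syntax; Express 5 requires a
// named wildcard. Confirm against the version pinned in package.json.
app.get('*', (req, res) => {
  res.send('metadata-endpoint-response');
});

// Bind explicitly to HOST. Without a host argument Express listens on every
// interface, which contradicts the banner below and would expose the mock to
// other machines on the network.
app.listen(PORT, HOST, () => {
  const rule = '='.repeat(50);
  console.log(rule);
  console.log('MOCK AWS METADATA SERVICE');
  console.log(rule);
  console.log(`[*] Listening on http://${HOST}:${PORT}`);
  console.log('[*] Simulates: http://169.254.169.254');
  console.log('[*] Waiting for SSRF requests...');
  console.log('');
});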