A bug bounty writeup detailing the discovery of a critical Server-Side Request Forgery (SSRF) vulnerability in a SaaS application's URL-fetching endpoint. By sending requests to the AWS Instance Metadata Service (169.254.169.254), the researcher retrieved temporary IAM credentials. The post covers the step-by-step exploitation

4 min read. From infosecwriteups.com
Table of contents:
What Is SSRF? (Quick Explanation)
How I Found It
The Report I Submitted
The Result
What You Can Learn From This
Tools I Used
Final Thoughts