SSRF Bug Leads To AWS Metadata Exposure
5 min readOct 26, 2022
--
How can you leverage an SSRF (“Server Side Request Forgery”) vulnerability to evade filters and leak internal AWS credentials on a web application? Today I will discuss how I managed to utilize a webpage screenshot feature to bypass certain filters and exfiltrate server side AWS Metadata.