Webhook-url-http-3a-2f-2f169.254.169.254-2fmetadata-2fidentity-2foauth2-2ftoken

This specific endpoint is used to retrieve Managed Identity tokens for Azure resources (like Virtual Machines or Container Apps).

"tokenType": "Bearer", "expiresIn": 3600, "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsIng1QiJ9..." This specific endpoint is used to retrieve Managed

Example:

Since SSRF originates from within the server, it can reach endpoints protected by perimeter firewalls. This effectively turns the ... Resecurity Azure SSRF with Workflow Designer Feature This specific endpoint is used to retrieve Managed

GET http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/ Metadata: true This specific endpoint is used to retrieve Managed

Attack Vector: SSRF (Server-Side Request Forgery)

Scroll to Top

Neem bij 10+ licenties
contact met ons op

Profiteer van onze staffelkorting! Vraag een offerte aan en ontvang een scherpe prijs op maat.