Callback-url-http-3a-2f-2f169.254.169.254-2flatest-2fmeta Data-2fiam-2fsecurity Credentials-2f Jun 2026

This IP address, 169.254.169.254, is a special link-local address recognized by all cloud providers (AWS, Azure, GCP) and used to access metadata about the virtual machine.

Restrict outbound traffic at the security group or firewall level. No instance should need to make arbitrary HTTP requests to its own metadata service except via trusted system processes.

If an attacker appends the role name to this URL (e.g., .../security-credentials/admin-role), the service returns a JSON object containing a Secret Access Key, Access Key ID, and a Token.

How the Attack Works

The actual, decoded target is: http://169.254.169.254/latest/meta-data/iam/security-credentials/ . This is a link-local address accessible only from within an Amazon EC2 instance. The metadata service allows applications running on the instance to retrieve information about the instance itself, including the IAM role attached to it.

The URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ is a standardized, internal-only API endpoint for cloud instances.

The string callback-url-http-3A-2F-2F169.254.169.254-2Flatest-2Fmeta data-2Fiam-2Fsecurity credentials-2F is far from random noise. It is an —a digital signpost pointing directly to one of the most sensitive internal cloud services.

The most effective defense against SSRF-based credential theft is migrating to IMDSv2. IMDSv2 requires a PUT request to first obtain a session token, which then must be included as a header in subsequent GET requests. This stops most SSRF attacks, which typically only support simple GET requests. Enforce IMDSv2 by setting http_tokens = "required" in your instance metadata options and http_put_response_hop_limit = 1 to prevent forwarding.

http://169.254.169.254/latest/meta-data/iam/security-credentials/

The callback URL is designed with security in mind:

, which requires a session-oriented token to access metadata. This effectively neutralizes most SSRF attacks because the attacker cannot easily perform the required PUT request to get the token through a simple URL parameter.

Input Validation/Allowlisting:

Thus, finding this exact encoded string in your logs or exploit payloads suggests an attacker is actively probing for metadata service exposure.
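One way to hunt for this string in access logs, as an added example that is not part of the original page: it undoes percent-encoding and the hyphen-hex form shown above before matching, and reports any role name that follows the path. The function names and sample log lines are constructed for illustration, and decoding only the hyphen-hex values for URL delimiters is an assumption made to keep ordinary hyphenated words such as meta-data intact.

```python
import re
from urllib.parse import unquote

# Hyphen-hex escapes for URL delimiters only (: / ? = & %), e.g. -3A or -2F.
# Limiting the set is an assumption: it stops "-da" in "meta-data" from
# being decoded as a byte.
HYPHEN_HEX = re.compile(r"-(3A|2F|3F|3D|26|25)", re.IGNORECASE)

# Credentials path on the metadata address; the optional group is a role name.
IMDS_CRED = re.compile(
    r"169\.254\.169\.254/+latest/+meta[-_ ]data/+iam/+security[-_ ]credentials"
    r"(?:/+([\w+=,.@-]+))?",
    re.IGNORECASE,
)

def normalize(text, max_rounds=3):
    """Undo up to max_rounds layers of %XX and -XX encoding."""
    for _ in range(max_rounds):
        decoded = HYPHEN_HEX.sub(lambda m: chr(int(m.group(1), 16)), unquote(text))
        if decoded == text:
            break
        text = decoded
    return text

def scan(lines):
    """Return (line_number, role_name_or_None) for every line that hits."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = IMDS_CRED.search(normalize(line))
        if match:
            hits.append((number, match.group(1)))
    return hits

# Constructed access-log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 "GET /preview?callback-url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2Fiam%2Fsecurity-credentials%2F HTTP/1.1" 200',
    '203.0.113.7 "GET /callback-url-http-3A-2F-2F169.254.169.254-2Flatest-2Fmeta-data-2Fiam-2Fsecurity-credentials-2Fadmin-role HTTP/1.1" 404',
    '198.51.100.4 "GET /preview?callback-url=https%3A%2F%2Fexample.com%2Fhook HTTP/1.1" 200',
    '203.0.113.7 "GET /preview?callback-url=http%253A%252F%252F169.254.169.254%252Flatest%252Fmeta-data%252Fiam%252Fsecurity-credentials%252F HTTP/1.1" 200',
]

if __name__ == "__main__":
    for number, role in scan(SAMPLE_LOG):
        print(f"line {number}: metadata credential path requested, role={role}")
```

A hit with a role name means the request went past listing roles and asked for that role's credentials, so it deserves a higher priority than a bare path probe.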

When you append /latest/meta-data/iam/security-credentials/ to this IP, you are asking the service for a list of IAM roles attached to the instance. Fetching the URL with the role name appended—e.g., http://169.254.169.254/latest/meta-data/iam/security-credentials/role-name—returns temporary security credentials.

What Do the Credentials Look Like?

What is 169.254.169.254/latest/meta-data/iam/security-credentials/?

Never trust a user‑supplied URL. Implement a strict allowlist of allowed domains or protocols. If you must fetch arbitrary URLs, use a dedicated “fetch proxy” that:

Attackers frequently scan the web for poorly sanitized URL input parameters, targeting them with the URL string callback-url=http://169.254.169.254/latest/meta-data/iam/security-credentials/ . If successful, this payload targets the Amazon Web Services (AWS) Instance Metadata Service (IMDS). It exploits applications that accept unvalidated user input to exfiltrate temporary IAM role credentials.

AWS introduced IMDSv2 in late 2019 to address the inherent risks of IMDSv1. The old version (v1) was a simple, unauthenticated HTTP endpoint on 169.254.169.254. Any process on the instance—or any process that could trick the instance into making a request—could retrieve metadata.

This specific callback URL is so critical because of the nature of the IAM credentials it exposes. These are temporary, but they are extremely powerful. An attacker who steals these credentials can then run AWS CLI commands from their own machine, performing actions like listing S3 buckets, spinning up new instances, or reading databases, all while appearing as a legitimate service.