The "Magic" IP: Why Your Webhook URL Could Be a Security Backdoor

A potentially malicious webhook URL has been detected: http://169.254.169.254/metadata/identity/oauth2/token. This URL appears to be attempting to exploit a vulnerability in the Azure Instance Metadata Service.

1. The Encoded Characters

The character string contains hex-encoded characters commonly used to bypass primitive input filters or to transmit data cleanly through query parameters:

– %3A or 3A translates to a colon (:)
– %2F or 2F translates to a forward slash (/)

2. The Link-Local Address (169.254.169.254)

This is the link-local address (RFC 3927) reserved for cloud metadata services. When an attacker sends you a webhook URL that looks like http://169.254.169.254/metadata/identity/oauth2/token, they aren't trying to send you a friendly notification. They are trying to trick your server into stealing its own cloud identity tokens.

This URL is frequently targeted by attackers via server-side request forgery (SSRF). If an application allows users to provide a "Webhook URL" and doesn't validate it, an attacker can input this metadata URL to steal the VM's identity token.

Potential Impact

– If the VM has contributor or owner permissions on the subscription, the token may grant nearly full administrative access to the entire Azure environment.
– URL encoding bypasses simple string blacklists that look for 169.254.169.254 or metadata. Attackers can also use decimal, octal, or IPv6 representations (e.g., http://[::ffff:169.254.169.254]/).

Defenses

If you are on Azure, ensure your metadata service requires the Metadata: true header and the X-Identity-Header. However, never rely on this as your only defense: the attacker can still forge headers. Protecting your applications from SSRF via webhooks requires a layered approach.

The keyword webhook-url-http-3A-2F-2F169.254.169.254-2Fmetadata-2Fidentity-2Foauth2-2Ftoken is not just random characters; it is a weaponized string used to pivot from a simple webhook feature to full cloud compromise. As server-side request forgery attacks grow more sophisticated, defenses must evolve beyond naive string matching.
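As an added example, not code from the original article, the following Python validator shows what "beyond naive string matching" looks like on the defender's side: instead of blacklisting the string 169.254.169.254 or metadata, it parses the webhook URL, normalises the alternative host spellings the article mentions (decimal, octal, hex and IPv6-mapped forms, plus percent-encoded hosts), resolves the destination, and rejects anything that lands in RFC 3927 link-local, private, loopback or other non-routable space. The hostnames and the resolver mapping used for the demonstration are constructed for this example; `validate_webhook_url`, `parse_ipv4_literal` and `DEMO_RESOLVER` are names chosen here, not from any library.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def parse_ipv4_literal(host):
    """Decode the loose IPv4 spellings that libc's inet_aton accepts but
    ipaddress.ip_address() does not: one to four dot-separated parts, each in
    decimal, octal (leading 0) or hex (leading 0x), with the last part filling
    the remaining bytes. Returns an IPv4Address or None if host is not one."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = []
    for part in parts:
        try:
            if part.lower().startswith("0x"):
                values.append(int(part, 16))
            elif len(part) > 1 and part.startswith("0"):
                values.append(int(part, 8))
            else:
                values.append(int(part, 10))
        except ValueError:
            return None
    number = 0
    for value in values[:-1]:
        if not 0 <= value <= 255:
            return None
        number = (number << 8) | value
    remaining_bytes = 4 - (len(values) - 1)
    if not 0 <= values[-1] < (1 << (8 * remaining_bytes)):
        return None
    number = (number << (8 * remaining_bytes)) | values[-1]
    return ipaddress.IPv4Address(number)


def default_resolver(host):
    """Real DNS lookup; returns the set of address strings for host."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


# Constructed mapping so the demo and its tests run offline.
DEMO_RESOLVER = lambda host: {
    "hooks.example.com": ["1.2.3.4"],   # constructed public address
    "db.internal": ["10.0.0.5"],        # constructed private address
    "localhost": ["127.0.0.1"],
}[host]


def host_to_addresses(host, resolver=None):
    """Turn a URL host into concrete IP addresses: IPv4 literal in any
    spelling, IPv6 literal (urlsplit already strips the brackets), or DNS."""
    literal = parse_ipv4_literal(host)
    if literal is not None:
        return [literal]
    try:
        return [ipaddress.ip_address(host)]
    except ValueError:
        pass
    resolver = resolver or default_resolver
    return [ipaddress.ip_address(a) for a in resolver(host)]


def classify_address(addr):
    """Return a rejection reason if addr is non-routable, else None.
    IPv4-mapped IPv6 (::ffff:a.b.c.d) is unwrapped first so the IPv4 checks
    apply to it."""
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    for flag in ("is_link_local", "is_loopback", "is_private",
                 "is_multicast", "is_reserved", "is_unspecified"):
        if getattr(addr, flag):
            return f"{addr} is {flag[3:].replace('_', '-')}"
    return None


def validate_webhook_url(url, resolver=None):
    """Return (accepted, reason). Every address the host maps to must be
    routable; one bad address rejects the whole URL."""
    try:
        parts = urlsplit(url)
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if "%" in host:
        return False, "percent-encoded host rejected"
    try:
        addrs = host_to_addresses(host, resolver)
    except (ValueError, socket.gaierror, KeyError) as exc:
        return False, f"cannot resolve {host!r}: {exc}"
    for addr in addrs:
        reason = classify_address(addr)
        if reason:
            return False, reason
    return True, f"{host} -> {', '.join(map(str, addrs))}"


if __name__ == "__main__":
    samples = [  # constructed inputs
        "http://169.254.169.254/metadata/identity/oauth2/token",
        "http://[::ffff:169.254.169.254]/",
        "http://2852039166/", "http://0251.0376.0251.0376/",
        "http://0xa9fea9fe/", "http://169.254.43518/",
        "http%3A%2F%2F169.254.169.254%2Fmetadata",
        "http://hooks.example.com/notify", "http://db.internal/hook",
    ]
    for sample in samples:
        print(sample, "->", validate_webhook_url(sample, resolver=DEMO_RESOLVER))
```

The check is only as good as the moment it runs: the address validated here must be the address the HTTP client actually connects to, so production code should pin the resolved IP for the outbound request (or resolve inside a client hook) rather than letting the client re-resolve the hostname later, and should apply the same check to every redirect hop.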