By kannthu
The "Microsoft Azure Cloud Metadata Service Check" module is designed to detect a misconfiguration on a Microsoft Azure cloud host. It targets the instance metadata service and checks whether that service is exposed through the host acting as a proxy. This module is classified as critical, indicating the potential for significant access to the host and infrastructure. The module was authored by sullo.
If the Microsoft Azure cloud host is misconfigured as a proxy, it allows unauthorized access to the instance metadata service. This can lead to security breaches and compromise the confidentiality and integrity of the host and infrastructure.
The module sends an HTTP request to the targeted host, requesting the instance metadata service. Here is an example of the HTTP request:
GET http://<hostval>/metadata/instance?api-version=2021-02-01 HTTP/1.1
Host: <hostval>
Metadata: true
The module then applies matching conditions to the response body of the HTTP request. In this case, it looks for the presence of the "osType" and "ipAddress" keywords. If both keywords are found, it indicates a misconfiguration, triggering a vulnerability report.
By detecting misconfigurations in the Microsoft Azure cloud host's metadata service, this module helps identify potential security risks and allows for timely remediation.
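For the remediation side, the following added example (not part of the module or of Vidoc's code) sketches a request filter a proxy could apply before forwarding, so that the request shown above is refused. It assumes the metadata service sits at the link-local address 169.254.169.254, which the page does not state; the function names, the policy and the sample requests are hypothetical.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: Azure IMDS lives at link-local 169.254.169.254 (not on the page).
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")

def parse_request(raw):
    """Split a raw HTTP/1.1 request head into (target, headers)."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.strip().split("\n")
    _method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return target, headers

def destination_host(target, headers):
    """Host the proxy would connect to: absolute-form target wins over Host."""
    if target.lower().startswith(("http://", "https://")):
        return urlsplit(target).hostname or ""
    return urlsplit("//" + headers.get("host", "")).hostname or ""

def should_block(raw):
    """Return (blocked, reason) for one client request (hypothetical policy)."""
    target, headers = parse_request(raw)
    host = destination_host(target, headers)
    try:
        if ipaddress.ip_address(host) in LINK_LOCAL:
            return True, "link-local destination"
    except ValueError:
        pass  # a hostname: resolve it and re-check the address before connecting
    # The metadata request carries "Metadata: true"; never forward it for a client.
    if "metadata" in headers:
        return True, "client-supplied Metadata header"
    return False, "ok"

# Constructed samples; PROBE mirrors the module's request with an assumed host.
PROBE = ("GET http://169.254.169.254/metadata/instance?api-version=2021-02-01 HTTP/1.1\r\n"
         "Host: 169.254.169.254\r\nMetadata: true\r\n\r\n")
NORMAL = "GET http://example.com/index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"
TAGGED = "GET /metadata/instance HTTP/1.1\r\nHost: example.com\r\nMetadata: true\r\n\r\n"

if __name__ == "__main__":
    for name, req in (("PROBE", PROBE), ("NORMAL", NORMAL), ("TAGGED", TAGGED)):
        print(name, should_block(req))
```

The filter only inspects literal IP addresses; for hostnames the same range check has to be repeated on the resolved address at connect time.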