Microsoft Azure Cloud Metadata Service Check

By kannthu

Critical
Vidoc Module
#exposure #config #azure #microsoft #proxy
Description

What is the "Microsoft Azure Cloud Metadata Service Check"?

The "Microsoft Azure Cloud Metadata Service Check" module detects misconfigurations in a Microsoft Azure cloud host. It targets the instance metadata service and checks whether the host exposes it by acting as a proxy. The module is classified as critical because such an exposure can give significant access to the host and infrastructure. The module was authored by sullo.

Impact

If the Microsoft Azure cloud host is misconfigured as a proxy, it allows unauthorized access to the instance metadata service. This can lead to security breaches and compromise the confidentiality and integrity of the host and infrastructure.

How does the module work?

The module sends an HTTP request to the targeted host, requesting the instance metadata service. Here is an example of the HTTP request:

GET http://<hostval>/metadata/instance?api-version=2021-02-01 HTTP/1.1
Host: <hostval>
Metadata: true

The module then applies matching conditions to the response body of the HTTP request. In this case, it looks for the presence of the "osType" and "ipAddress" keywords. If both keywords are found, it indicates a misconfiguration, triggering a vulnerability report.

By detecting misconfigurations in the Microsoft Azure cloud host's metadata service, this module helps identify potential security risks and allows for timely remediation.
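
The matching step described above, as an added example that is not part of the Vidoc module: it applies the two-keyword condition to a response body, then goes one step further and checks that the body has the shape of an Azure instance metadata document, so a page that merely mentions both words is held for review instead of being reported. The function names, the triage labels and the sample bodies are constructed for illustration, and the JSON layout checked is an assumption based on Azure's documented response format.

```python
import json
from typing import Optional

# Keywords the module's word matcher looks for (taken from the page).
MATCH_WORDS = ("osType", "ipAddress")

def word_match(body: str) -> bool:
    """The module's condition: both keywords appear in the response body."""
    return all(word in body for word in MATCH_WORDS)

def confirm_imds(body: str) -> Optional[dict]:
    """Added stricter check (assumed layout): compute.osType plus
    network.interface[].ipv4.ipAddress[].privateIpAddress must be present."""
    try:
        doc = json.loads(body)
        os_type = doc["compute"]["osType"]
        ips = [entry["privateIpAddress"]
               for iface in doc["network"]["interface"]
               for entry in iface["ipv4"]["ipAddress"]
               if entry.get("privateIpAddress")]
    except (ValueError, KeyError, TypeError, AttributeError):
        return None  # not JSON, or not shaped like an instance document
    if not isinstance(os_type, str) or not ips:
        return None
    return {"osType": os_type, "privateIps": ips}

def triage(body: str) -> str:
    """Label a scanner hit: no-match, needs-review, or confirmed."""
    if not word_match(body):
        return "no-match"
    return "confirmed" if confirm_imds(body) else "needs-review"

# Constructed sample bodies, not captured from any real host.
IMDS_BODY = json.dumps({
    "compute": {"osType": "Linux", "name": "example-vm"},
    "network": {"interface": [{"ipv4": {"ipAddress": [
        {"privateIpAddress": "10.0.0.4", "publicIpAddress": ""}]}}]},
})
DOCS_PAGE = "<html><body>Fields: osType, ipAddress, vmSize</body></html>"
NOT_FOUND = '{"error": "Not found"}'

if __name__ == "__main__":
    for name, body in [("imds", IMDS_BODY), ("docs", DOCS_PAGE), ("404", NOT_FOUND)]:
        print(name, triage(body))
```

A "confirmed" result means the proxy returned real instance metadata and needs to stop forwarding requests to the metadata endpoint; "needs-review" marks a keyword-only hit that should be inspected by hand.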

Module preview

Concurrent Requests (1)

1. HTTP Request template
   Raw request
   Matching conditions: word: osType, ipAddress

Passive global matcher: No matching conditions.

On match action: Report vulnerability