Webhook-url-http-3a-2f-2f169.254.169.254-2fmetadata-2fidentity-2foauth2-2ftoken

```python
import ipaddress
import socket
from urllib.parse import unquote, urlparse


def is_safe_webhook_url(user_input):
    # Decode first so an encoded scheme/host (%3A, %2F) is parsed as such
    # rather than being treated as an opaque path
    decoded = unquote(user_input)
    parsed = urlparse(decoded)
    if parsed.scheme not in ('http', 'https'):
        return False
    if not parsed.hostname:
        return False
    # Resolve hostname to IP
    try:
        ip = socket.gethostbyname(parsed.hostname)
    except socket.gaierror:
        return False
    # Reject private, link-local, loopback
    private = ipaddress.ip_network('10.0.0.0/8')
    link_local = ipaddress.ip_network('169.254.0.0/16')
    loopback = ipaddress.ip_network('127.0.0.0/8')
    ip_obj = ipaddress.ip_address(ip)
    if ip_obj in private or ip_obj in link_local or ip_obj in loopback:
        return False
    # Additional: allowlist check
    allowed = ['api.yourservice.com']
    if parsed.hostname not in allowed:
        return False
    return True
```

The attacker submits the encoded metadata token URL as the webhook target instead of a legitimate external server URL.

When decoded from URL encoding ( %3A = : , %2F = / ), it becomes: http://169.254.169.254/metadata/identity/oauth2/token

Ensure your Azure VMs use IMDS v2, which requires session authentication, making it much harder for attackers to steal tokens via simple SSRF.

Conclusion

The keyword webhook-url-http-3A-2F-2F169.254.169.254-2Fmetadata-2Fidentity-2Foauth2-2Ftoken is not just random characters—it’s a weaponized string used to pivot from a simple webhook feature to full cloud compromise. As server-side request forgery attacks grow more sophisticated, defenses must evolve beyond naive string matching.

Azure IMDS requires a specific header: Metadata: true. Most SSRF attacks fail if your server does not automatically include this.
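The following Python module is an added example, not code from this page or from any Azure SDK, that puts the points above together and goes somewhat beyond them: it percent-decodes the submitted URL until it stops changing before parsing it (so the encoded and double-encoded forms of the IMDS URL are judged in decoded form), compares every resolved address against a global-routability test rather than three hand-picked ranges (covering IPv6 and IPv4-mapped literals), returns the checked addresses so the sender can pin to them, and builds outbound headers from an allowlist so Metadata: true can never be attached. The hostnames, the DNS answers in FAKE_DNS, the allowlist and fake_resolver are all constructed for the example; in a real service resolve_host (built on socket.getaddrinfo) replaces fake_resolver.

```python
import ipaddress
import socket
from urllib.parse import unquote, urlparse

# Constructed samples: the percent-encoded IMDS token URL discussed above, and a
# double-encoded variant in which each '%' is itself encoded as '%25'.
ENCODED_IMDS_URL = "http%3A%2F%2F169.254.169.254%2Fmetadata%2Fidentity%2Foauth2%2Ftoken"
DOUBLE_ENCODED_IMDS_URL = ENCODED_IMDS_URL.replace("%", "%25")

# Constructed DNS answers for hypothetical hosts so the example runs offline.
# 93.184.216.34 stands in for an ordinary public address; partner.example.net
# models a name whose DNS has been pointed at the metadata service.
FAKE_DNS = {
    "hooks.example.com": ["93.184.216.34"],
    "partner.example.net": ["93.184.216.34", "169.254.169.254"],
    "localhost": ["127.0.0.1"],
}

# Headers the webhook sender may emit; 'Metadata' is deliberately absent.
OUTBOUND_HEADER_ALLOWLIST = {"content-type", "user-agent", "x-webhook-signature"}


def fully_decode(value, max_rounds=3):
    """Percent-decode until the string stops changing (bounded), so a
    double-encoded URL is judged in its final, decoded form."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def resolve_host(hostname):
    """Real resolver: return every A/AAAA answer, not just the first one."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


def fake_resolver(hostname):
    """Offline stand-in for resolve_host backed by the constructed FAKE_DNS table."""
    try:
        ipaddress.ip_address(hostname)
        return [hostname]            # IP literal: nothing to look up
    except ValueError:
        return FAKE_DNS[hostname]    # KeyError plays the role of NXDOMAIN


def address_is_forbidden(ip):
    """True for any address an outbound webhook must never reach: link-local
    (IMDS lives at 169.254.169.254), loopback, RFC 1918, multicast, reserved."""
    addr = ipaddress.ip_address(ip)
    # Judge an IPv4-mapped IPv6 literal (::ffff:169.254.169.254) as its IPv4 form.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not addr.is_global


def naive_hostname_check(user_input):
    """The weak check the conclusion warns about: parse the raw string and
    compare the hostname to a denylist. urlparse finds no hostname in the
    encoded string, so the comparison never fires and the URL is accepted."""
    return urlparse(user_input).hostname != "169.254.169.254"


def validate_webhook_url(user_input, resolver=resolve_host, allowed_hosts=None):
    """Return (accepted, reason, pinned_ips). pinned_ips are the addresses that
    passed the check; connect to those rather than resolving the name again at
    send time, so a DNS answer that changes between check and use is not honoured."""
    parsed = urlparse(fully_decode(user_input))
    if parsed.scheme not in ("http", "https"):
        return False, "scheme not http(s)", []
    host = parsed.hostname
    if not host:
        return False, "no hostname", []
    if allowed_hosts is not None and host not in allowed_hosts:
        return False, "host not in allowlist", []
    try:
        ips = resolver(host)
    except (OSError, KeyError):          # socket.gaierror is an OSError
        return False, "resolution failed", []
    if not ips:
        return False, "no addresses", []
    bad = [ip for ip in ips if address_is_forbidden(ip)]
    if bad:
        return False, "resolves to forbidden address " + ", ".join(bad), []
    return True, "ok", ips


def outbound_headers(requested):
    """Keep only allowlisted headers, so no code path can attach 'Metadata: true'."""
    return {k: v for k, v in requested.items() if k.lower() in OUTBOUND_HEADER_ALLOWLIST}


if __name__ == "__main__":
    for url in (ENCODED_IMDS_URL, DOUBLE_ENCODED_IMDS_URL,
                "https://hooks.example.com/events", "https://partner.example.net/hook"):
        print(naive_hostname_check(url), validate_webhook_url(url, resolver=fake_resolver))
```

Two caveats on using this in production: pinning to the returned addresses only helps if the HTTP client can connect to an IP while still sending the original Host header and TLS SNI, and redirects must be validated with the same function at every hop, since a permitted host can 302 the client to 169.254.169.254.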