Ssrf Cloud Metadata in Actix

Server-side request forgery (SSRF) vulnerabilities often stem from improper handling of metadata endpoints, especially those exposed by cloud providers. In the Actix ecosystem, these risks are amplified when applications inadvertently expose internal metadata services through misconfigured handlers or unvalidated redirects. Attackers can exploit these pathways to access sensitive cloud metadata endpoints, potentially harvesting credentials, instance metadata, or network topology details.

Actix-web, the most widely adopted Actix framework variant, does not automatically sanitize outbound requests made by the application itself. When developers implement custom HTTP clients or use frameworks like actix-web::HttpServer to proxy requests, they may inadvertently forward untrusted input to internal endpoints. A common pattern involves accepting a user-supplied URL and forwarding it directly to an internal service without validation. If the application runs in a cloud environment, this can lead to SSRF attacks targeting cloud metadata URLs such as http://169.254.169.254/latest/meta-data/.

Specific attack vectors in Actix include:

• Unvalidated redirects that preserve the original scheme and host, allowing an attacker to supply http://169.254.169.254/latest as a parameter
• Custom HTTP client wrappers that lack host or scheme whitelisting
• Use of third-party services (e.g., metadata APIs for autoscaling or secret retrieval) that accept arbitrary URLs

For example, a vulnerable endpoint might look like:

use actix_web::{get, web, App, HttpServer, HttpResponse};

#[get("/fetch")]
async fn fetch_endpoint(url: web::Query) -> Result {
    let target = url.into_inner();
    let client = reqwest::Client::new();
    let resp = client.get(&target).send().await?;
    let body = resp.text().await?;
    Ok(HttpResponse::Ok().body(body))
}

If an attacker submits http://169.254.169.254/latest/meta-data/iam/security-credentials/, the application will proxy the request and leak sensitive cloud instance credentials. This is not theoretical — such attacks have been observed in real-world breaches involving containerized Actix services deployed on AWS and GCP.

The risk is particularly acute when Actix applications are deployed in loosely configured environments where security boundaries are assumed to be enforced externally. Without explicit input validation, these services become conduits for SSRF attacks via cloud metadata endpoints.

Identifying SSRF vulnerabilities in Actix applications requires both static code review and runtime probing of external-facing endpoints. middleBrick enables automated detection by scanning public endpoints for signs of SSRF via cloud metadata access, even in the absence of authentication.

When scanning an Actix endpoint that accepts a URL parameter, middleBrick will attempt to probe for metadata URL patterns using a set of known cloud provider signatures. For example, if the scanner detects a handler that reflects or forwards user input to an external host, it will test:

• http://169.254.169.254/latest/meta-data/iam/security-credentials/
• http://169.254.169.254/latest/vendor/google
• http://169.254.169.254/latest/state

These requests are sent as part of the black-box scan, simulating what an external attacker could do. middleBrick does not require internal access or source code; it only needs to observe the application's behavior when processing untrusted input.

Upon detecting a successful SSRF condition — such as a response containing AWS or GCP metadata — middleBrick generates a high-severity finding with a clear description: Potential SSRF via metadata endpoint access. The report includes the exact URL used, the response body snippet (e.g., iam/security-credentials/), and a reference to relevant OWASP API Top 10 category A5:2023 - Security Misconfiguration.

In a CI/CD context, integrating the middleBrick CLI into a pipeline allows teams to catch regressions early. For instance, a script can scan staging deployments of Actix services before promoting them to production, ensuring that new endpoints do not introduce SSRF risks.

Mitigating SSRF in Actix applications requires strict input validation and network boundary enforcement. Developers should avoid directly forwarding user-supplied URLs to external services, especially those pointing to internal or metadata endpoints.

Recommended remediation steps include:

• Validate and whitelist destinations: Restrict allowed hosts and schemes. For example, only allow internal services to be accessed via predefined IP ranges or domain names.
• Block private IP ranges and link-local addresses: Use middleware to reject requests targeting 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and 169.254.0.0/16.
• Use dedicated HTTP clients with proper configuration: When making outbound requests, configure timeouts and connection limits to prevent abuse.

Here is an example of a hardened fetch handler in Actix-web:

use actix_web::{get, web, HttpResponse, HttpServer};
use std::net::SocketAddr;

// Whitelisted internal services
const WHITELIST: &str = "127.0.0.1|10.0.0.0/8|172.16.0.0/12|192.168.0.0/16";

#[get("/safe-fetch")]
async fn safe_fetch(data: web::Query) -> Result {
    let target = data.into_inner();
    
    // Parse and validate the target URL
    let parsed = match url::Url::parse(&target) {
        Ok(u) => u,
        Err(_) => return Err(HttpResponse::BadRequest().finish()),
    };
    
    // Reject private and link-local IPs
    if let Some(host) = parsed.host() {
        let addr = format!("{}", host);
        if addr.matches(|c| c.is_digit(10)).any(|_| {}
            || addr.starts_with("10.")
            || addr.starts_with("172.16.")
            || addr.starts_with("172.17.")
            || addr.starts_with("172.18.")
            || addr.starts_with("172.19.")
            || addr.starts_with("172.20.")
            || addr.starts_with("172.21.")
            || addr.starts_with("172.22.")
            || addr.starts_with("172.23.")
            || addr.starts_with("172.24.")
            || addr.starts_with("172.25.")
            || addr.starts_with("172.26.")
            || addr.starts_with("172.27.")
            || addr.starts_with("172.28.")
            || addr.starts_with("172.29.")
            || addr.starts_with("172.30.")
            || addr.starts_with("172.31.")
            || addr.starts_with("192.168.")
            || addr.starts_with("169.254.")
        ) {
            return Err(HttpResponse::Forbidden().finish());
        }
    }
    
    let client = reqwest::Client::new();
    match client.get(&target).timeout(std::time::Duration::from_secs(5)).send().await {
        Ok(resp) => {
            let status = resp.status().as_u16();
            let body = resp.text().await.unwrap_or_default();
            Ok(HttpResponse::from_status(status).body(body))
        }
        Err(_) => Err(HttpResponse::BadGateway().finish())
    }
}

Additionally, consider using reverse proxies or API gateways that can enforce network policies. For cloud-native deployments, leverage security groups or firewall rules to restrict egress traffic from the Actix service to only necessary destinations.

These measures significantly reduce the attack surface for SSRF, particularly when targeting cloud metadata endpoints that are often accessible via link-local addresses like 169.254.169.254.