Researchers have created a proof-of-concept attack that allows unauthenticated adversaries to extract user credentials from misconfigured reverse proxy servers in order to delete, manipulate or extract data from websites and applications.

The proof-of-concept (PoC) attack targets major cloud customers of services such as Amazon Web Services, Microsoft Azure and Google Cloud, according to researchers at RedLock that published a report on their findings Tuesday.

Similar to misconfigured storage buckets that plagued businesses with leaky data, this PoC attack takes advantage of a common default configuration used by leading cloud services and too often unchanged by website admins.

The PoC targets APIs that provide access to the metadata associated with identity services such AWS’ Identity and Access Management (IAM), Microsoft’s Azure Managed Service Identity (MSI), and Google’s Cloud Cloud IAM. “[These] are features that… simplify the task of creating and distributing credentials and are popular features with developers,” wrote RedLock. As the PoC demonstrates, adversaries can also abuse them.

Gaurav Kumar, RedLock CTO, shared one PoC example with Threatpost.

“For example, WordPress servers use credentials to do things like connect to other cloud services. A website might use IAM credentials to automatically connect to an AWS storage bucket to backup daily transaction data,” said Kumar in an interview with Threatpost.

Kumar said IAM credentials rely on web server APIs to link cloud services. By using a simple CURL command, IAM role credentials are freely available for programs to obtain, researchers said.

And that’s where RedLock said API and IAM credential abuse can occur.

In its PoC attack, researchers created a typical configuration for a web server or application server using a reverse proxy server running a default NGINX installation. NGINX is web server software that can also be used as a reverse proxy. A reverse proxy server is a type of server that retrieves resources on behalf of a client from one or more servers.

“The RedLock CSI team had a hypothesis that some reverse proxies in AWS, MS Azure, and Google Cloud environments are set up such that anyone can set the host header to call the instance metadata API and obtain credentials,” wrote researchers.

Kumar explains: “When an HTTP request is made to a proxy server it contains instructions to the host. What we observed was the proxy server is reading a value from the host header and going to that destination and fetching a webpage. But an attacker can manipulate the header to ask it to fetch other data on proxy server, such as credential data from the API endpoint.”

Researchers said programs or potential attackers can use a simple CURL command via a specific URL to access IAM role credentials.

That credential data can then be used to access third-party cloud services linked to the website or application such as data stores, databases or website backups.

Kumar theorizes the threat landscape of misconfigured servers vulnerable to this type of attack is huge given reverse proxies are common in public cloud environments and in organizations moving on-premise applications to the cloud.

“What we found is there is a very popular configuration in reverse proxy servers that can be very problematic,” he said.

Dangers of Virtual Container Reuse

Researchers also created a “second exploitation method even scarier and potentially more far-reaching.” This type of PoC attack involves more social engineering and malicious Docker images.

The PoC is based on Docker creating an open source tool that can package an application and its dependencies in a virtual container that can run on any Linux server. Developers share docker images on stores such as Docker Hub, allowing developers to save time by using pre-built images for conventional tasks allowing them to focus on their areas of expertise.

“Suppose some crafty developer creates a super helpful, free-to-download docker image called ‘X’ and posts on Docker Hub along with millions of other popular resources. Then one fine day, after thousands or millions of downloads of the free service have been deployed, what if this malicious developer modifies and uploads an updated version of X (this happens all the time and others pull the latest version or make ‘calls’ to it) now containing the nefarious command: ‘ONBBUILD -<malcious_script.sh>’,” explains RedLock.

“Utilizing the instance metadata API, every application built upon the ‘X’ docker image will run this script (malcious_script.sh)unbeknownst to the dependent program and will request IAM role credentials. And here lies the risk,” researchers said.