The target of this specific attack vector is devastatingly high-value. When a developer runs aws configure on a local machine or a server, the AWS Command Line Interface creates an INI-formatted file at ~/.aws/credentials.
SSRF occurs when an attacker forces a server to make a request to a resource it shouldn't, such as the local file system or internal network endpoints (like the AWS metadata service at http://169.254.169.254).
callback-url-file:///home/*/.aws/credentials – an attacker could potentially read credentials for any system user without knowing the exact username.
Applications should never accept arbitrary protocols like file://, gopher://, or ftp:// inside callback fields. Explicitly restrict incoming parameters to cryptographic web schemes such as https://.
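One way to enforce the scheme restriction above, shown as an added example that is not code from the original page. The names validate_callback_url and resolve_host, and the https-only allowlist, are assumptions; the check also refuses hosts that resolve to non-public addresses such as the metadata service at 169.254.169.254.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumption: callbacks only ever need HTTPS, so everything else is refused.
ALLOWED_SCHEMES = {"https"}


def resolve_host(host):
    """Return every address the host resolves to (IP literals map to themselves)."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [info[4][0] for info in infos]


def validate_callback_url(raw, resolve=resolve_host):
    """Return (ok, reason) for a user-supplied callback URL."""
    try:
        parts = urlsplit(raw.strip())
        host = parts.hostname
        _ = parts.port  # raises ValueError for a malformed port
    except ValueError:
        return False, "unparseable URL"
    # Allowlist, not denylist: file://, gopher://, ftp:// and plain http:// all fail here.
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "userinfo not allowed"
    try:
        addresses = resolve(host)
    except OSError:
        return False, "host does not resolve"
    # Every resolved address must be public: blocks loopback, RFC 1918 ranges
    # and link-local addresses, which include the cloud metadata endpoint.
    for addr in addresses:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
        if not ip.is_global:
            return False, f"{host} resolves to non-public address {ip}"
    return True, "ok"
```

The component that later fetches the callback should connect to the address that was validated and should not follow redirects without re-running the check, otherwise a second DNS answer or a redirect bypasses it.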