Hi Guys, Back with an interesting hack that I was eagerly waiting to get the writeup to publish. This hack is about a chain of vulnerabilities which includes multiple bypasses in a various different layer which finally lead to access of AWS credentials in India’s biggest stock broker company. Below I’ll explain how I was able to access AWS credentials by first bypassing Web application firewall (W
![The journey of Web Cache + Firewall Bypass to SSRF to AWS Credentials compromise!](https://cdn-ak-scissors.b.st-hatena.com/image/square/00c9d5012c63411618fad8b3841ef51e40b33d4b/height=288;version=1;width=512/https%3A%2F%2Fmiro.medium.com%2Fv2%2Fresize%3Afit%3A1200%2F1%2AJnVvBOK2ZlEkyhpEbDQHFQ.png)