Day 67/100 Hack and Improvement

From Misconfigured S3 Bucket to Critical Vulnerability

While doing some recon and finding some S3 buckets that seemed that might be well configured. I never came across a great opportunity of finding a misconfigured S3 bucket. That’s why this post from Harsh Bothra seemed such a great example and learning source, therefore all credits to him.

Harsh Bothra while doing recon, he found an asset which was a bucket hosting static resources. The bucket was open, therefore the next action to proceed was to check the following permissions according Harsh Bothra.

• Create something on the bucket
• Modify something on the bucket
• Delete something on the bucket
• Read some sensitive data on the bucket (case-by-case basis)

Therefore, in order to test this, AWS CLI can be helpful.

• In order to check if you have access to upload or create a file use the following command.

  aws s3 cp yourtestfile.txt s3://bucketname
  

• In order to check if you have access to delete a file use the following command

  aws s3 rm s3://bucketname/yourtestfile.txt