Back to directory
WRITEUP #1720

Bug hunting: Open access to S3 bucket

CloudAWS misconfiguration
byRaghul Raj
Program
-
Published
Jan 9, 2023
Added to HackDex
Jan 11, 2023
Read Full Writeuphttps://engrinside.medium.com/bug-hunting-open-access-to-s3-bucket-79f262a86a78
RELATED WRITEUPS
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat