Back to directory
WRITEUP #4163

Misconfigured s3 bucket leads to Sensitive Data exposure(No super controls )

CloudAWS misconfiguration
byVirdoexhunter
Bounty
400
Program
-
Published
Dec 18, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://virdoexhunter.medium.com/misconfigured-s3-bucket-leads-to-sensitive-data-exposure-no-super-controls-f47e26b586c6
RELATED WRITEUPS
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat