Back to directory
WRITEUP #4941

How I earn $500 from Razer open S3 bucket

CloudAWS misconfiguration
by@kernel_rider(Sourav Sahana)
Bounty
500
Program
Razer
Published
Jan 12, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/sourav-sahana/how-i-earn-500-from-razer-open-s3-bucket-fe314e4bbab8
RELATED WRITEUPS
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat