S3 Bucket Misconfiguration Leads to Access to Sensitive Files

Hello guys, I would like to share this report, which was reported to a private program on HackerOne.

I discovered an S3 bucket and tested it via the AWS command-line tool on Linux. It looks like the permissions were not well configured and allowed access to raw files.

First you need to have an AWS account and configure the access key ID and secret access key.

Sometimes when someone creates an S3 bucket they don't restrict the READ and WRITE permissions on it.
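As an added example (not part of the original report), here is a small Python audit that flags exactly the misconfiguration described above in the documents `aws s3api get-bucket-acl`, `aws s3api get-bucket-policy` and `aws s3api get-public-access-block` return. The bucket name, owner ID, ACL, policy and Public Access Block documents below are constructed for the example; the two group URIs are the real S3 predefined-group identifiers for anonymous and any-AWS-account access.

```python
"""Flag public READ/WRITE exposure in S3 access-control documents.

Constructed example: the inputs below mimic the JSON shapes returned by
`aws s3api get-bucket-acl`, `aws s3api get-bucket-policy` and
`aws s3api get-public-access-block` for a hypothetical bucket.
"""
import json

# Real S3 predefined-group URIs; a grant to either of these is a public grant.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "AllUsers (anonymous)",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "AuthenticatedUsers (any AWS account)",
}

# The four settings that `put-public-access-block` should all set to true.
PUBLIC_ACCESS_BLOCK_KEYS = (
    "BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets",
)

# Constructed sample ACL: owner has FULL_CONTROL, anonymous users can READ,
# any authenticated AWS account can WRITE (the pattern the write-up describes).
SAMPLE_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-CANONICAL-ID"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-CANONICAL-ID"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"},
         "Permission": "WRITE"},
    ],
}

# Constructed sample bucket policy as `get-bucket-policy` returns it: the Policy
# field is a JSON string that has to be decoded before inspection.
SAMPLE_POLICY_RESPONSE = {
    "Policy": json.dumps({
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
             "Action": ["s3:GetObject", "s3:ListBucket"],
             "Resource": ["arn:aws:s3:::cdn.example.com", "arn:aws:s3:::cdn.example.com/*"]},
            {"Sid": "DenyInsecure", "Effect": "Deny", "Principal": "*",
             "Action": "s3:*", "Resource": "arn:aws:s3:::cdn.example.com/*",
             "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
        ],
    })
}

# Constructed Public Access Block responses: one partial, one complete.
WEAK_PUBLIC_ACCESS_BLOCK = {"PublicAccessBlockConfiguration": {"BlockPublicAcls": True}}
HARDENED_PUBLIC_ACCESS_BLOCK = {
    "PublicAccessBlockConfiguration": {key: True for key in PUBLIC_ACCESS_BLOCK_KEYS}
}


def public_acl_grants(acl):
    """Return (group label, permission) for every ACL grant to a public group."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
            findings.append((PUBLIC_GROUPS[grantee["URI"]], grant.get("Permission")))
    return findings


def public_policy_statements(policy_response):
    """Return (Sid, actions) for each Allow statement whose Principal is everyone.

    Statements carrying a Condition are still reported: a condition narrows the
    grant, but a reviewer, not this script, should judge whether it is enough.
    """
    policy = json.loads(policy_response["Policy"])
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal")
        everyone = principal == "*" or (isinstance(principal, dict) and principal.get("AWS") == "*")
        if not everyone:
            continue
        actions = stmt.get("Action", [])
        if isinstance(actions, str):
            actions = [actions]
        findings.append((stmt.get("Sid", "<no Sid>"), actions))
    return findings


def public_access_block_complete(response):
    """True only if all four Public Access Block settings are enabled."""
    config = response.get("PublicAccessBlockConfiguration", {})
    return all(config.get(key) is True for key in PUBLIC_ACCESS_BLOCK_KEYS)


if __name__ == "__main__":
    for label, perm in public_acl_grants(SAMPLE_ACL):
        print(f"ACL grants {perm} to {label}")
    for sid, actions in public_policy_statements(SAMPLE_POLICY_RESPONSE):
        print(f"policy statement {sid!r} allows {', '.join(actions)} to everyone")
    print("public access block complete:", public_access_block_complete(WEAK_PUBLIC_ACCESS_BLOCK))
```

On a real account the same functions take the decoded output of the three `aws s3api get-*` commands for each bucket. The PublicRead statement is the policy-level equivalent of what the list-objects step later in this write-up exercised: `s3:ListBucket` to everyone lets anyone enumerate keys, and `s3:GetObject` lets them fetch what they find. Enabling all four Public Access Block settings is the cheapest fix, since it overrides public ACLs and public policies regardless of how the bucket was created.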

1- Bucket name: cdn.Example.com

2- aws s3api list-objects --bucket cdn.Example.com

3- Found some raw files and PGP files for the integrity check

After that, I decided to download the raw files and try to mount them.

wget cdn.Example.com/imagename.raw.gz

Time to mount the images and show the real impact.

The next step is to attach image.raw to a loop device.

After that, I submitted the evidence and the report was triaged.

And rewarded $$$


Thanks for reading my write-up.

Information Security Engineer and Bug Hunter