
S3 Bucket Misconfiguration

S3 bucket misconfiguration and exploitation.

Today we are going to check S3 bucket security:

  1. Install the AWS CLI and configure your AWS credentials with the command:

aws configure
  2. Create a Python script to list the S3 buckets:

import boto3

# Uses the credentials saved by `aws configure`
s3 = boto3.resource('s3')

# Print the name of every bucket in the account
for bucket in s3.buckets.all():
    print(bucket.name)

You'll get a list of the S3 buckets in your AWS account.

  3. Now check each S3 bucket manually using the following link:

https://s3.ap-south-1.amazonaws.com/$s3-bucketname
  • If the S3 bucket is misconfigured, the page will display all of the bucket's data and documents.

  • If the S3 bucket is configured correctly, it will show Access Denied to third parties.

  4. List all files in the S3 bucket:

aws s3 ls s3://hicare/ --no-sign-request --region ap-south-1
  5. Download all files from the S3 bucket to your local machine using the AWS CLI:

aws s3 sync s3://hicare-others/ ~/Documents/HiCare --no-sign-request --region ap-south-1

The goal of this testing is to secure the AWS S3 bucket against attackers. Leaked organizational data can put any company in a very critical situation.
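To run the same check from the owner's side instead of probing the URL, the listing script above can be extended to read each bucket's ACL, bucket policy and Block Public Access settings and report why a bucket would answer unsigned requests. This is an added example, not part of the original page; the function names and the sample grant are constructed for illustration, and only bucket-level settings are evaluated.

```python
import json

# Group URIs that S3 ACLs use for "everyone" and "any AWS account".
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "AuthenticatedUsers",
}

def public_findings(grants, policy_json, pab):
    """Return the reasons a bucket is open to principals outside your account.
    Only bucket-level settings are evaluated; account-level Block Public Access is not."""
    pab = pab or {}
    findings = []
    if not pab.get("IgnorePublicAcls"):  # when set, S3 ignores public ACL grants
        for grant in grants:
            group = PUBLIC_GROUPS.get(grant.get("Grantee", {}).get("URI"))
            if group:
                findings.append(f"ACL grants {grant['Permission']} to {group}")
    if policy_json and not pab.get("RestrictPublicBuckets"):
        statements = json.loads(policy_json).get("Statement", [])
        if isinstance(statements, dict):  # a single statement may not be wrapped in a list
            statements = [statements]
        for st in statements:
            wildcard = st.get("Principal") in ("*", {"AWS": "*"})
            if st.get("Effect") == "Allow" and wildcard and "Condition" not in st:
                findings.append(f"policy allows {st.get('Action')} to any principal")
    return findings

def audit_account():
    """Collect ACL, policy and Block Public Access settings for every bucket you own."""
    import boto3  # imported here so public_findings() also works offline
    from botocore.exceptions import ClientError
    s3 = boto3.client("s3")
    report = {}
    for bucket in s3.list_buckets()["Buckets"]:
        name = bucket["Name"]
        grants = s3.get_bucket_acl(Bucket=name)["Grants"]
        try:
            policy = s3.get_bucket_policy(Bucket=name)["Policy"]
        except ClientError:  # e.g. NoSuchBucketPolicy: nothing attached
            policy = None
        try:
            pab = s3.get_public_access_block(Bucket=name)["PublicAccessBlockConfiguration"]
        except ClientError:  # e.g. no bucket-level Block Public Access configuration
            pab = None
        report[name] = public_findings(grants, policy, pab)
    return report

# Constructed sample: an ACL that lets anyone list the bucket (what --no-sign-request relies on).
SAMPLE_GRANTS = [{"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}]
```

Any bucket with a non-empty list in the `audit_account()` report should have Block Public Access enabled or the offending grant or statement removed.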


Last updated 1 year ago