[Day 17] Cloud Elf Leaks | Advent of Cyber 3 (2021)
Nowadays, Cloud is a famous technology, which is we could have server with amazing redundant technology.
Today we'll be covering the basics of AWS - one of the leading public cloud providers, and two of its most common services - Amazon S3 (Simple Storage Service) and AWS IAM (Identity and Access Management).
Let’s hack the Cloud…
# What is the name of the S3 Bucket used to host the HR Website announcement?
images.bestfestivalcompany.com
If you view link of this image, you will see the pattern of the name of the S3 Bucket,
http://BUCKETNAME.s3.amazonaws.com/FILENAME.ext
or
http://s3.amazonaws.com/BUCKETNAME/FILENAME.ext
# What is the message left in the flag.txt object from that bucket?
It’s easy to get your elves data when you leave it so easy to find!
# What other file in that bucket looks interesting to you?
wp-backup.zip
# What is the AWS Access Key ID in that file?
AKIAQI52OJVCPZXFYAOI
use the powerfull tools in linux, “grep”. with grep -R <string> <dir> we can search string in the directory.
for the full view, open that file with your favorite text editor.
# What is the AWS Account ID that access-key works for?
019181489476
Complete the aws configure with last credentials, we found.
# What is the Username for that access-key?
# There is an EC2 Instance in this account. Under the TAGs, what is the Name of the instance?
HR-Portal
# What is the database password stored in Secrets Manager?
Winter2021!
don’t forget to change the Default output format to JSON, it’s very helpful.
Conclusion
Cloud is new for me, so sometimes I go searching on google. Don’t blame your self if you couldn’t know something, but try to search and learn it.
thanks.
