April 2019
Intermediate to advanced
508 pages
11h 57m
English
In the previous Chapter 7, Reconnaissance-Identifying Vulnerable S3 Buckets, we learned how to create a vulnerable bucket by making it publicly available. In this chapter, we are going to learn how to identify vulnerable buckets and try to extract data from each bucket.
So, once the bucket is set up, we are going to try to attack the vulnerable bucket from an outsider's perspective. To achieve this, we will be using the AWSBucketDump tool. It is a very handy tool that is used to identify vulnerable S3 buckets. The AWSBucketDump tool is available at the GitHub page https://github.com/jordanpotti/AWSBucketDump.
Let's see how we can extract sensitive data using AWSBucketDump:
Read now
Unlock full access