Amazon S3 Bucket Takeover

Hello Hunter’s,

This is my First blog so please correct me if you find any mistakes. Hopefully this blog will help You understand how I was able to get my first bounty.

Let’s Start…..

I am Akhil Jain, I have been doing bug Bounty from past 7 months and being from non-technical background I had to catch with lot off things which I did periodically.

So in this blog I will tell you how I was able to find my first Bounty Bug……..

Let’s call the target name as “bounty.com” as it’s my first bounty😂.! Yeah my approach towards the target was simple as every person does it Subdomain Enumeration, then checking for valid domains etc….

As the target did not have many sub domains I started hunting on the main domain using manual and automated approach.

Tip: Always look for links in .Js file you might find some interesting and juicy information

I found an .js file in which there was a link for S3 bucket. Booooommmm….. it was showing “The specified bucket does not exist” and I have check it with https://github.com/EdOverflow/can-i-take-over-xyz and figured it out that it was vulnerable.

The next step was creating an account in AWS And taking over the bucket. And I was able create and takeover it. The steps for creating a S3 bucket is everywhere have a look on it which is easy.

For any Assistance please do reach out to me I’ll guide you over it. My LinkedIn profile is given below.

Thank You

Akhil Jain

http://linkedin.com/in/akhil-jain-b024b8169