S3 Bucket Enumeration
Last updated
Last updated
ruby lazys3.rb <company>
ruby lazys3.rb pakwheels
sudo apt install cloud-enum
cloud_enum -k [flaws.cloud](<http://flaws.cloud>) --disable-azure --disable-gcp
Manual Installation
sudo apt-get install awscli
cloud_enum -k [flaws.cloud](<http://flaws.cloud>) --disable-azure --disable-gcp
aws s3 ls s3://flaws.cloud/ --no-sign-request
Download - aws s3 cp s3://flaws.cloud/secret.html ./ --no-sign-request
Upload - aws s3 cp ./index.html s3://flaws.cloud/secret.html --no-sign-request
Create a free AWS account
Go to AWS IAM dashboard
Users → Add New user with programmatic access credential type
Once user is created, note down the access key
and secret access key
Click User → Permissions → Add permissions → Attach existing policies → AmazonS3FullAccess
aws configure --profile someone
aws s3 --profile someone ls s3://flaws.cloud/ --no-sign-request
aws s3 --profile someone cp s3://flaws.cloud/something.html ./