Flaws.Cloud
A walkthrough of the CTF Flaws.Cloud
| Walkthrough Link | Summary |
|---|---|
The goal is to identify the S3 bucket associated with the | |
In this section, we leverage DNS to discover an S3 bucket and then exploit a misconfiguration to gain access to the bucket's contents. | |
We discover another S3 bucket this time hosting a hidden git directory. By leveraging code scanning tools we can automate the process of quickly finding exposed AWS access keys in a previous commit. This access leads to the discovery of data and our next clue. | |
We discover a public EBS volume containing credentials to a web server and our next clue. | |
By exploiting a Server-Side Request Forgery (SSRF) vulnerability in the webserver, we gain access to the underlying EC2 instance's credentials. This leads to accessing data and our next clue. | |
Using credentials discovered in the previous lab, we leverage our lambda access to piece together an API endpoint that when triggered, provides the final flag. |
Last updated