Skip to main content

One post tagged with "Bucket Enumeration"

Bucket Enumeration is an information disclosure vulnerability in Amazon S3 that occurs when an attacker can enumerate a list of bucket names by guessing or brute-forcing them, potentially exposing sensitive data stored within those buckets. This can be achieved through various methods, such as listing objects in a bucket, using publicly exposed bucket names, or exploiting misconfigured permissions and access controls.

View All Tags

HTB | Three | Write-Up

· 14 min read

Summary:

This article guides users through completing the Three machine challenge on Hack The Box. This is a web hacking challenge that involves exploiting vulnerabilities in an S3 bucket and executing a reverse shell on the target machine. The goal is to retrieve the "flag" file from the target machine.

Machine Name: Three | Difficulty: Easy | OS: Linux