TryHackMe: Advent of Cyber [Day 14] Unknown Storage

Room: Advent of Cyber

Difficulty: Beginner

“McElferson opens today’s newspaper and sees the following headline:

Private information leaked from the best festival company

This shocks her! She calls in her lead security consultant to find out more information about this. How do we not know about our own s3 bucket?

McSkidy’s only starting point is a single bucket name: advent-bucket-one”

This challenge has source material that explains the basics of Amazon Web Services Cloud Storage. We don’t have anything to deploy, but we are given the name of the company’s bucket: advent-bucket-one.

Question#1 What is the name of the file you found?

Let’s navigate to that specific bucket using our web browser’s navigation bar:

Look closely here and you will see the name of the file we need for the first flag!

Question#2 What is in the file?

To do this, the source material explains that you will need an AWS CLI account, but there is a much much simpler way to go about this.

Simply append the file name to the back of that same web address and it will pop up.<filename>

If you would still like to make the AWS CLI account to mess around with it and explore, I would recommend it.

Very short post today! But hopefully you can see the importance of securing your S3 buckets (avoiding misconfigurations).

THIS link can explain some best practices for utilizing Amazon s3.

Happy Hacking! ❤



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


CTF Writeups to facilitate cyber education.