Beginner Friendly
aws
Access Secrets with S3 Bucket Versioning
Versioning can be useful, but can also leak secrets!
Overview
We created this beginner-friendly lab to teach about the potential dangers of S3 bucket versioning when admins have not sufficiently restricted who can read object versions, and about the dangers of inadequate data segregation and of storing secrets in plain-text fields. Advice on remediation is also included.
Scenario
Your team, renowned for its expertise in cloud security, has been enlisted by Huge Logistics to scrutinize their perimeter. Your main task? Investigate a specified IP range, noting that a specific IP address is frequently mentioned in their public documentation. Unearth any potential security issues and provide a roadmap to bolster their defenses.
Lab prerequisites
- Basic Linux command line knowledge
Learning outcomes
- Basic web enumeration
- S3 bucket enumeration
- Identifying and accessing file versions using cURL and the AWS CLI
Real-world context
S3 versioning can be very useful to guard against accidental file changes and deletions, and may even be mandated in some industries. Once a secret has been written to a versioned bucket, removing it from the current version of a file does not remove it from the earlier versions, which remain retrievable by anyone permitted to read them. Although AWS hasn't released any figures relating to the adoption of this feature, it's something worth checking for when examining buckets. Credentials stored in JavaScript files and other client-side code are a common, real-world security issue. Storing sensitive information, such as API keys or credentials, directly within JavaScript files exposes them to anyone who can access or view the website's source code, which is inherently public.
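As an added illustration of that point (example code written for this page, not part of the lab or of any real environment): a defender-side audit that takes the JSON output of `aws s3api list-object-versions`, picks out every non-current version, and runs simple secret patterns over each one, because a credential scrubbed from the current version of a file is still readable in the older version. The listing, the object bodies and the `fetch` callable (standing in for `aws s3api get-object --version-id`) are constructed sample data, and the access key ID is AWS's documentation example, not a real credential.

```python
import json
import re

# Constructed sample shaped like `aws s3api list-object-versions --bucket <bucket>` output (hypothetical bucket).
LISTING = json.dumps({
    "Versions": [
        {"Key": "static/app.js", "VersionId": "v2", "IsLatest": True},
        {"Key": "static/app.js", "VersionId": "v1", "IsLatest": False},
        {"Key": "config/creds.json", "VersionId": "c1", "IsLatest": False},  # "deleted", but still stored
        {"Key": "index.html", "VersionId": "h1", "IsLatest": True},
    ],
    "DeleteMarkers": [{"Key": "config/creds.json", "VersionId": "d1", "IsLatest": True}],
})

# Constructed object bodies per (key, version id). The key ID is AWS's documentation example.
BODIES = {
    ("static/app.js", "v2"): 'const API_BASE = "/api/v1";',
    ("static/app.js", "v1"): 'const ACCESS_KEY = "AKIAIOSFODNN7EXAMPLE"; // left here by mistake',
    ("config/creds.json", "c1"): '{"db_password": "hunter2-constructed"}',
    ("index.html", "h1"): "<html></html>",
}

SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "password_assignment": re.compile(r'(?i)(password|passwd|secret)["\']?\s*[:=]\s*["\'][^"\']+["\']'),
}

def noncurrent_versions(listing_json):
    """Return {key: [version_id, ...]} for every version a plain `aws s3 ls` would never show."""
    hidden = {}
    for v in json.loads(listing_json).get("Versions", []):
        if not v.get("IsLatest"):
            hidden.setdefault(v["Key"], []).append(v["VersionId"])
    return hidden

def find_secrets(text):
    """Return the names of the secret patterns that match in one object body."""
    return [name for name, rx in SECRET_PATTERNS.items() if rx.search(text)]

def audit(listing_json, fetch):
    """Scan non-current versions only; fetch(key, version_id) stands in for `aws s3api get-object --version-id`."""
    findings = []
    for key, version_ids in noncurrent_versions(listing_json).items():
        for vid in version_ids:
            for name in find_secrets(fetch(key, vid)):
                findings.append((key, vid, name))
    return findings

if __name__ == "__main__":
    print(audit(LISTING, lambda k, v: BODIES[(k, v)]))
```

The remediation the lab points at follows directly: restrict `s3:GetObjectVersion` and `s3:ListBucketVersions` to the principals that actually need them, and treat any secret found in an old version as compromised and rotate it.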
Cloud Security Training To Protect Your Business
Pwned Labs for Business gives your team access to dedicated business content, including labs and cyber ranges.
We also offer in-person or remote workshops, and our cloud penetration services are helping businesses become more secure!