Flaws Cloud 1

Description

Through a series of levels you'll learn about common mistakes and gotchas when using Amazon Web Services (AWS). There are no SQL injection, XSS, buffer overflows, or many of the other vulnerabilities you might have seen before. As much as possible, these are AWS specific issues.

A series of hints are provided that will teach you how to discover the info you'll need. If you don't want to actually run any commands, you can just keep following the hints, which will give you the solution to the next level. At the start of each level you'll learn how to avoid the problem the previous level exhibited.

Scope: Everything is run out of a single AWS account, and all challenges are sub-domains of flaws.cloud.

Important Knowledge

What is a Bucket?

A bucket is a cloud storage container. It functions like a giant folder where you can store files (objects) on a cloud provider's infrastructure.

For AWS (Amazon Web Services), buckets belong to S3 (Simple Storage Service).

For Google Cloud, they are called Cloud Storage Buckets.

And for Azure, they are called Blob Storage Containers.

How do bucket permissions work?

Every cloud bucket has access permissions. In AWS S3, these permissions are controlled through:

  • Bucket policies: Rules that allow or deny access to specific users or roles.

  • Access Control Lists (ACLs): Define permissions at the user or group level.

  • Public access settings: AWS allows buckets to be marked as private or public.

Sometimes, companies accidentally leave buckets public, allowing anyone on the internet to access their files. To check if an AWS S3 bucket is public, a simple command can be used:

aws s3 ls s3://bucket-name --no-sign-request

If it returns files, it means the bucket is public, and anyone can access its contents.

AWS S3 Bucket URL Structure:

https://<bucket-name>.s3.amazonaws.com/
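The bucket-policy and public-access points above, plus the URL structure, can be checked offline with a small audit helper. The following is an added example and not part of the original page or of flaws.cloud; the two policy documents, the account id and the bucket name are constructed for illustration, and the policy analyser only covers the common `Principal: "*"` / `{"AWS": "*"}` shapes (it is not a full IAM evaluator).

```python
import json
import re

# Constructed sample: a bucket policy that grants everyone (anonymous)
# read and list access. The bucket name and Sid are made up.
PUBLIC_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "PublicRead",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-bucket",
                     "arn:aws:s3:::example-bucket/*"],
    }],
})

# Constructed corrected policy: same actions, but scoped to one IAM role
# (account id 123456789012 is a placeholder).
PRIVATE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "RoleRead",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:role/app-reader"},
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-bucket",
                     "arn:aws:s3:::example-bucket/*"],
    }],
})


def _is_anonymous_principal(principal):
    """True when the Principal element means 'everyone on the internet'."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS")
        if aws == "*":
            return True
        if isinstance(aws, list) and "*" in aws:
            return True
    return False


def public_statements(policy_json):
    """Return (Sid, has_condition) for every Allow statement open to everyone.

    has_condition is reported because a Condition (e.g. a source VPC) may
    narrow '*' in practice; a reviewer should still look at it by hand.
    """
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be un-listed
        statements = [statements]
    found = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        if not _is_anonymous_principal(stmt.get("Principal")):
            continue
        found.append((stmt.get("Sid", "statement-%d" % i), "Condition" in stmt))
    return found


def public_access_block_enforced(config):
    """True only when all four S3 Block Public Access flags are on.

    The keys mirror the PublicAccessBlockConfiguration fields in the S3 API.
    """
    required = ("BlockPublicAcls", "IgnorePublicAcls",
                "BlockPublicPolicy", "RestrictPublicBuckets")
    return all(config.get(k) is True for k in required)


_BUCKET_NAME = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")


def bucket_url(bucket):
    """Build the virtual-hosted style URL shown above, after a name sanity check."""
    if not _BUCKET_NAME.match(bucket):
        raise ValueError("not a valid S3 bucket name: %r" % bucket)
    return "https://%s.s3.amazonaws.com/" % bucket


if __name__ == "__main__":
    print("public policy  :", public_statements(PUBLIC_POLICY))
    print("private policy :", public_statements(PRIVATE_POLICY))
    print(bucket_url("example-bucket"))
```

Running the script flags the `PublicRead` statement (with no Condition) and reports nothing for the role-scoped policy; in a real review you would pull the policy with `aws s3api get-bucket-policy` and the block settings with `aws s3api get-public-access-block` and feed them to these functions.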

What is an EBS Volume?

EBS (Elastic Block Store) is an AWS storage service that provides disk volumes that can be attached to EC2 instances. It works like a virtual hard drive in the cloud.

What is an EC2 Instance?

EC2 (Elastic Compute Cloud) is an AWS service that allows you to launch virtual servers in the cloud. These instances can run Linux or Windows and execute any application. They are also scalable. Essentially, it functions like a virtual machine in the cloud.