Tag

amazon

Hack The Box – Bucket Walkthrough

Introduction

This was an intermediate Linux box that involved exploiting an insecure AWS S3 bucket to upload a PHP reverse shell to gain remote access, using credentials found in an unprotected DynamoDB database to gain a user shell and exploiting a vulnerable PHP script to extract the root user’s private SSH keys and escalate privileges to root through the DynamoDB database.

April 29, 2021 | by Stefano Lanaro | Leave a comment

Navigation
- Home
- CTF Walkthroughs
- Guides
- Reviews
- Resources
  - Cheat Sheets
  - Checklists
- About
About StefLan Security

I am a penetration tester and cyber security / Linux enthusiast.
Through this blog, I would like to share my passion for penetration testing, hoping that this might be of help for other students and professionals out there. I will be more than glad to exchange ideas with other fellow pentesters and enthusiasts.
Recent Posts
- Certified Red Team Expert (CRTE) Review April 16, 2024
- TryHackMe – Nax Walkthrough April 8, 2024
- Certified Azure Red Team Professional (CARTP) Review December 23, 2023
- A Complete Guide to Hacking GraphQL September 17, 2023
- Offensive Security Experienced Penetration Tester (OSEP) Review January 24, 2023