Tags:awspentesting Related to:s3-buckets See also: BlackSky Hailstorm AWS
There is a .git file in the repo
Lets try downloading it.
Lets run git log to see commit history
We see a special commit
Lets revert to the pervious commit (make sure you are outside the .git folder)
we see the access keys
access_key secret_access_key
Let us configure a profile named flaws using the keys
To see all the buckets a profile runs - aws --profile flaws s3 ls
http://level4-1156739cfb264ced6de514971a4bef68.flaws.cloud/ - link to next level