Tags: web
We're given an Amazon S3 Bucket Website: http://tamuctf.s3-website-us-west-2.amazonaws.com
When we inspect the source code of the website, we find some hints.
<!--Wow my first AWS web page!
I think I am finally figuring out S3 buckets,
it is just really so easy to use!
If you forget for your passwords it is near the Dogs..-->
This particular hint leads me to believe that the (fictional) author of this website must have some sort of configuration slip-up, especially since they're new to it.
The URL of the website is http://tamuctf.s3-website-us-west-2.amazonaws.com/, which means that the name of the website, and therefore of the bucket behind it, is tamuctf. We can view the files of the website (like browsing a directory) by accessing the site's Amazon S3 bucket directly, assuming that it is misconfigured and allows public access. To do this, we simply go to http://tamuctf.s3.amazonaws.com/.
When we do this, we find an XML page detailing all of the files in the Bucket. We find the flag in one of these XML entries.
If we access this resource from the site, then we are able to retrieve the flag.