# Part 1 : Spaceship external information endpoint

-----

* By Following the given link we access a web site : [Planet-Bucket](http://planet-bucket-43b2a07.s3-website-eu-west-1.amazonaws.com/).
* Everytime i get a website I go check the HTLM code if anything interesting can be found (Ctrl + MAJ + I).
* We see that the image rocket_bucket.png is located on another location
* Let's follow the link [https://rocket-bucket-723aa76.s3.amazonaws.com/](https://rocket-bucket-723aa76.s3.amazonaws.com/).
* We can see a file called flag.txt so we follow the following link [https://rocket-bucket-723aa76.s3.amazonaws.com/flag.txt](https://rocket-bucket-723aa76.s3.amazonaws.com/flag.txt) and we get the first flag :

-----

> CTF{0841862f273fd2ca20ea3b94a645781071ab19d7}

-----

# Part 2 : Obtaining the spaceship access keys

-----

* Inside the previoux link we also had another interesting file "external-information-panel.txt"
* We download it using the link [https://rocket-bucket-723aa76.s3.amazonaws.com/external-information-panel.txt](https://rocket-bucket-723aa76.s3.amazonaws.com/external-information-panel.txt)
* The content of this file is : https://g0341x75tb.execute-api.eu-west-1.amazonaws.com/logs
* By trying to access this link we get the error message : "405 request method 'GET' not allowed"
* Let's try other HTML commands using curl. The PUT command worked just fine
* `curl -X PUT https://g0341x75tb.execute-api.eu-west-1.amazonaws.com/logs`
* We get a lot of information by using this command. First of all we get the flag of this second part :
> CTF{9177a9c8bb1cd5c85934}
* And we also get the credential information for the rest of the challenge :
> * AWS_SECRET_ACCESS_KEY=dpmlpQnMgZFZ5Nt8k7AkCTizqGrY84ZRW55lo+52
> * AWS_ACCESS_KEY_ID=AKIA552OOUKCBWDIUCWS

-----

# Part 3 : A cleaning bucket

-----

* We got from previous step some credentials. Let's configure our aws using by using them (AWS shall be previously installed using sudo apt-get install aws). The command to use is aws configure. This command will request your Access key ID, your Secret Access key, the default region name and the default output format
* `aws configure`
> * AWS Access Key ID [None] : AKIA552OOUKCBWDIUCWS
> * AWS Secret Access Key [None] : dpmlpQnMgZFZ5Nt8k7AkCTizqGrY84ZRW55lo+52
> * Default region name [None] : eu-west-1
> * Default output format [None] :
* To get the correct ID of the Cleaning Bucket, we have access to the bucket list so we send the following command :
* `aws s3api list-buckets`
> * cleaningbucket-cf2be35
> * planet-bucket-43b2a07
> * rocket-bucket-723aa76
* Now we have the correct ID lets get the tag using the command :
* `aws s3api get-bucket-tagging --bucket cleaningbucket-cf2be35`
* We get inside the returned value the flag of this 3rd part of the challenge :

> CTF_855cc724fd34896c8875
-----

# Part 4 : Lambda Thrusters information panel

-----

* By looking at the possible commands for aws (available [here](https://docs.aws.amazon.com/cli/latest/reference/index.html#cli-aws)) we find out a command called lambda.
* We try different commands and we find the command to get the function list.
* `aws lambda list-functions `
* With this command we get the "FunctionArn" of the "lambdaThruster-8697c51" which is arn:aws:lambda:eu-west-1:957405373060:function:lambdaThrusters-8697c51
* We get the tag list of this lambda thruster using the command :
* `aws lambda list-tags --resource arn:aws:lambda:eu-west-1:957405373060:function:lambdaThrusters-8697c51`
* We get inside the returned value the flag of this 4th part of the challenge :

> CTF_20324408a4e3f5c1d54d
-----

# Part 5 : E-space Cloud Computing System

-----

* last part of this challenge was about Cloud Computin System. This name makes us think of the Amazon Elastic Compute Cloud (EC2).
* By trying different ec2 commands we find the following one :
* `aws ec2 describe-tags`
* We get inside the returned value the information "final_flag" which is the flag of this 5th part of the challenge :

> CTF_98f960b4d86bbcfe3fe1

-----