S3Reverse : Format Of Various S3 Buckets

S3Reverse is a format of various s3 buckets is convert in one format. for bugbounty and security testing.

Install

$ go get -u github.com/hahwul/s3reverse

Usage

Input options

  • Basic Usage

Usage of ./s3reverse:
-iL string
Input List
-oA string
Write output in Array format (optional)
-oN string
Write output in Normal format (optional)
-tN
to name
-tP
to path-style
-tS
to s3 url
-tV
to virtual-hosted-style
-verify
testing bucket(acl,takeover)

  • Using from file

$ s3reverse -iL sample -tN
udemy-web-upload-transitional
github-cloud
github-production-repository-file-5c1aeb
github-production-upload-manifest-file-7fdce7
github-production-user-asset-6210df
github-education-web
github-jobs
s3-us-west-2.amazonaws.com
optimizely
app-usa-modeast-prod-a01239f
doc
swipely-merchant-assets
adslfjasldfkjasldkfjalsdfkajsljasldf
cbphotovideo
cbphotovideo-eu
public.chaturbate.com
wowdvr
cbvideoupload
testbuckettesttest

  • Using from pipeline

$ cat sample | s3reverse -tN
udemy-web-upload-transitional
github-cloud
github-production-repository-file-5c1aeb
github-production-upload-manifest-file-7fdce7
github-production-user-asset-6210df
github-education-web
github-jobs
s3-us-west-2.amazonaws.com
optimizely
app-usa-modeast-prod-a01239f
doc
swipely-merchant-assets
adslfjasldfkjasldkfjalsdfkajsljasldf
cbphotovideo
cbphotovideo-eu
public.chaturbate.com
wowdvr
cbvideoupload
testbuckettesttest

Also Read – Adamantium-Thief : Decrypt Chromium Based Browsers Passwords & Credit Cards

Output Options

  • to Name

$ s3reverse -iL sample -tN
udemy-web-upload-transitional
github-cloud
github-production-repository-file-5c1aeb
github-production-upload-manifest-file-7fdce7
… snip …

  • to Path Style

$ s3reverse -iL sample -tP
https://s3.amazonaws.com/udemy-web-upload-transitional
https://s3.amazonaws.com/github-cloud
https://s3.amazonaws.com/github-production-repository-file-5c1aeb
… snip …

  • to Virtual Hosted Style

$ s3reverse -iL sample -tV
udemy-web-upload-transitional.s3.amazonaws.com
github-cloud.s3.amazonaws.com
github-production-repository-file-5c1aeb.s3.amazonaws.com
github-production-upload-manifest-file-7fdce7.s3.amazonaws.com
github-production-user-asset-6210df.s3.amazonaws.com
… snip …

Verify Mode

$ s3reverse -iL sample -verify
[NoSuchBucket] adslfjasldfkjasldkfjalsdfkajsljasldf
[PublicAccessDenied] github-production-user-asset-6210df
[PublicAccessDenied] github-jobs
[PublicAccessDenied] public.chaturbate.com
[PublicAccessDenied] github-education-web
[PublicAccessDenied] github-production-repository-file-5c1aeb
[PublicAccessDenied] testbuckettesttest
[PublicAccessDenied] app-usa-modeast-prod-a01239f
[PublicAccessGranted] cbphotovideo-eu
[PublicAccessDenied] swipely-merchant-assets
[PublicAccessDenied] optimizely
[PublicAccessDenied] wowdvr
[PublicAccessGranted] s3-us-west-2.amazonaws.com
[PublicAccessDenied] cbphotovideo
[PublicAccessDenied] cbvideoupload
[PublicAccessDenied] github-production-upload-manifest-file-7fdce7
[PublicAccessDenied] doc
[PublicAccessDenied] udemy-web-upload-transitional
[PublicAccessDenied] github-cloud

Case Study

  • Pipelining meg, s3reverse, gf , s3scanner for Find S3 Misconfiguration.

$ meg -d 1000 -v / ; cd out ; gf s3-buckets | s3reverse -tN > buckets ; s3scanner buckets

  • Find S3 bucket takeover

$ meg -d 1000 -v / ; cd out ; gf s3-buckets | s3reverse -verify | grep NoSuchBucket > takeovers

R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

10 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

10 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

10 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

10 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

10 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

13 hours ago