This is from the Hackers Teaching Hackers HTH2020 CTF.
This was my first cloud challenge.
We are given this challenge text:
Hey guys! I set up an AWS bucket for this year’s hth that we can use to store our flags for the ctf. I think I made the bucket private but I’m not very good at this cloud stuff. Send me a message if I need to edit the permissions.
With this as a hint (yeah I looked at it… This is my first cloud challenge)
Let’s keep a flag in hth2020-private where it should be safe!
Some quick google searching gave me some basic URL examples for AWS buckets…
http://*******.s3.amazonaws.com/
So I plugged this in and I get what I was looking for…
http://hth2020-private.s3.amazonaws.com/
So I then navigate to…
http://hth2020-private.s3.amazonaws.com/flag.txt
And I get the flag…
Notice the hint about snapshots? Check out my next writeup for that.