HTH 2020 CTF: Cloud: BucketList (100)

This is from the Hackers Teaching Hackers HTH2020 CTF.

This was my first cloud challenge.
We are given this challenge text:

Hey guys! I set up an AWS bucket for this year’s hth that we can use to store our flags for the ctf. I think I made the bucket private but I’m not very good at this cloud stuff. Send me a message if I need to edit the permissions.

With this as a hint (yeah I looked at it… This is my first cloud challenge)

Let’s keep a flag in hth2020-private where it should be safe!

Some quick google searching gave me some basic URL examples for AWS buckets…
http://*******.s3.amazonaws.com/
So I plugged this in and I get what I was looking for…
http://hth2020-private.s3.amazonaws.com/

So I then navigate to…
http://hth2020-private.s3.amazonaws.com/flag.txt
And I get the flag…

Notice the hint about snapshots? Check out my next writeup for that.

Leave a Reply

Your email address will not be published. Required fields are marked *