HTH 2020 CTF: Cloud: OhSnap! (150)

This is from the Hackers Teaching Hackers HTH2020 CTF.

For this challenge, we are provided with this text:

I’m pretty sure that I backed up our hth instance properly. Can you take a look at the AWS EBS snapshots and check?

and this hint:

You will need an AWS account for this challenge. You can make one for free here: https://aws.amazon.com/resources/create-account/

I already had an account, so I logged into it and went to the EBS dashboard…

I then went to “snapshots” in the left navigation pane…

I then changed the search dropdown to “Public Snapshots” and did a seach for “hth”…

This yielded only on result. Look at that! the description field contained the flag…

HTH 2020 CTF: Cloud: BucketList (100)

This is from the Hackers Teaching Hackers HTH2020 CTF.

This was my first cloud challenge.
We are given this challenge text:

Hey guys! I set up an AWS bucket for this year’s hth that we can use to store our flags for the ctf. I think I made the bucket private but I’m not very good at this cloud stuff. Send me a message if I need to edit the permissions.

With this as a hint (yeah I looked at it… This is my first cloud challenge)

Let’s keep a flag in hth2020-private where it should be safe!

Some quick google searching gave me some basic URL examples for AWS buckets…
http://*******.s3.amazonaws.com/
So I plugged this in and I get what I was looking for…
http://hth2020-private.s3.amazonaws.com/

So I then navigate to…
http://hth2020-private.s3.amazonaws.com/flag.txt
And I get the flag…

Notice the hint about snapshots? Check out my next writeup for that.