Hacking Tool – S3 decloaker

Amazon S3 web services

Amazon S3 Decloaker

We are proud to present S3 decloaker”

As the first website in the world, we got our hands on a secretly leaked hacking tool – that’s still working. Our source says that Amazon knows about it but haven’t still prioritized/managed to patch the vulnerability.

Remember where you found it first. Only at How-To-Hack.net 

You can read more about Amazon S3 at the official website: https://aws.amazon.com/s3/

About the vulnerability


Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages

Download
bucket-disclose.sh

Disclaimer: The author of the script has nothing to do with either How-To-Hack.net or Amazon.

Leave a Reply

Your email address will not be published.