← Back to search

Access S3 Buckets with Leaked AWS Credentials

enumerationtool

Summary

Configure the AWS CLI with discovered access keys, then list S3 buckets against a custom endpoint (e.g. a self-hosted/MinIO service).

Walkthrough

When you recover AWS access keys, plug them into the AWS CLI and enumerate the storage backing the application. Many lab targets expose an S3-compatible service on a non-standard endpoint.

Steps

  1. Run aws configure and paste the recovered Access Key ID and Secret Access Key (region/output can be left default).

``bash aws configure ``

  1. List buckets against the target's S3 endpoint, supplying the custom URL with --endpoint-url.

``bash aws --endpoint-url http://<TARGET>:54321 s3 ls ``

Commands

bash

aws configure

bash

aws --endpoint-url http://<TARGET>:54321 s3 ls