AWS S3 bucket writeable for authenticated aws users
Hello BugBountyPoc viewers,
This is SaadAhmed a security researcher. This is my 1st write-up hope you all will forgive all mistakes.
Today i’ll write about the misconfigure aws s3 buckets that i found on many big sites but this writeup is about on my find on Adobe. I report this issue through Hackerone To Adobe since they reward only for their product issue so they give me only HOF
So how i found i used Robin Wood ruby tool to brute force on Adobe and find about 17 buckets but the 8 buckets are having only PUBLIC-READ ACL and 9 are WRITEABLE but the problem is that i’m not sure weather the Adobe owned these buckets ur not i just used my mass bucket exploiter tool and create POC and report the issue.
Adobe Team Replay
Thank you for your submission. Please note that below S3 buckets does not belong to Adobe-
http://adobecs3.s3.amazonaws.com
http://adobe-summit.s3.amazonaws.com
http://adobe-file.s3.amazonaws.com
http://adobe-packages.s3.amazonaws.com
http://adobe-assets.s3.amazonaws.comWe are investigating other S3 buckets, and will let you know if we have any questions. We appreciate your assistance and cooperation.
Adobe Product Security Incident Response Team
so i’m happy that remaining 12 buckets belongs to them so they switched their buckets to PRIVATE ACL
Thanks for reading . Happy Hunting
can u share the wordlist