
michenriksen / Bucketlist

Licence: MIT
Amazon S3 bucket spelunking!


Bucketlist

Bucketlist is a quick project I threw together to find and crawl Amazon S3 buckets and put all the data into a PostgreSQL database for querying.

Requirements

Bucketlist requires a recent version of Ruby and the PostgreSQL database system installed.

Setup

  • Check out the code to a location of your choice and navigate to it in a terminal
  • Install Bundler (unless you already have it) with: gem install bundler
  • Install gem dependencies with bundle install
  • Create a new PostgreSQL user with: createuser -s bucketlist --pwprompt (you might need to sudo su postgres first)
  • Create a new PostgreSQL database with: createdb -O bucketlist bucketlist (you might need to sudo su postgres first)
  • Copy the example configuration file with: cp config.yml.example config.yml
  • Edit the settings in config.yml to match your setup
  • ???
  • Profit!

Finding Buckets

Bucketlist finds buckets using a dictionary brute force, much like subdomain brute-forcing, so you will need a wordlist. The SecLists project on GitHub has a good collection of wordlists.

When you have a wordlist, simply run the bucket_finder script in a terminal:

$ bin/bucket_finder path/to/wordlist.lst
 - PRIVATE: https://s3.amazonaws.com/somebucket.backups/
 - PRIVATE: https://s3.amazonaws.com/somebucket.backup/
 - PRIVATE: https://s3.amazonaws.com/backups.somebucket/
 - PRIVATE: https://s3.amazonaws.com/backup.somebucket/
 +  PUBLIC: https://somebucket.dev.s3.amazonaws.com/
 - PRIVATE: https://s3.amazonaws.com/production.somebucket/
 ...

The script finds buckets and stores information about them in the database. It can be stopped at any time; if you run it again with the same wordlist, it will resume where it left off.

Bucket name permutations

To maximize discovery, bucket_finder will perform simple permutations on each word in the given wordlist. As an example, if the wordlist contains the word example, bucket_finder will check for the existence of any of the following buckets:

example
example.backup
backup.example
example.backups
backups.example
example.dev
dev.example
example.development
development.example
example.prod
prod.example
example.production
production.example
example.stage
stage.example
example.staging
staging.example
example.test
test.example
example.testing
testing.example
example-backup
backup-example
example-backups
backups-example
example-dev
dev-example
example-development
development-example
example-prod
prod-example
example-production
production-example
example-stage
stage-example
example-staging
staging-example
example-test
test-example
example-testing
testing-example
examplebackup
backupexample
examplebackups
backupsexample
exampledev
devexample
exampledevelopment
developmentexample
exampleprod
prodexample
exampleproduction
productionexample
examplestage
stageexample
examplestaging
stagingexample
exampletest
testexample
exampletesting
testingexample
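The permutation scheme above, as an added Ruby example (not code from the Bucketlist project), generalized to a whole wordlist and combined with a basic S3 bucket-name validity filter that is assumed here rather than taken from the project. A defender can run their own product or brand names through it to see which names a tool like this would probe, and then pre-register or monitor those names.

```ruby
# Added example, not part of Bucketlist: reproduces the README's bucket-name
# permutations for one word, in the same order the README lists them.

AFFIXES = %w[backup backups dev development prod production stage staging test testing].freeze
SEPARATORS = ['.', '-', ''].freeze

# Returns the 61 candidate names for +word+: the word itself, then for each
# separator and affix both "word<sep>affix" and "affix<sep>word".
def bucket_permutations(word)
  names = [word]
  SEPARATORS.each do |sep|
    AFFIXES.each do |affix|
      names << "#{word}#{sep}#{affix}"
      names << "#{affix}#{sep}#{word}"
    end
  end
  names
end

# Expands a wordlist (one word per element), dropping blanks, duplicates and
# names S3 would reject. The filter is a simplified version of the S3 naming
# rules (3-63 chars of lowercase letters, digits, dots and hyphens, starting
# and ending with a letter or digit) and is an assumption of this example.
def expand_wordlist(words)
  words.map(&:strip).reject(&:empty?)
       .flat_map { |w| bucket_permutations(w.downcase) }
       .uniq
       .select { |n| n.match?(/\A[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]\z/) }
end

if $PROGRAM_NAME == __FILE__
  # Default to the README's example word when no words are given on the command line.
  puts expand_wordlist(ARGV.empty? ? ['example'] : ARGV)
end
```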

Crawling Buckets

When buckets have been discovered with bucket_finder, the bucket_crawler script can be used to crawl the contents of the public buckets and save information about the files to the database:

$ bin/bucket_crawler
├── https://somebucket.dev.s3.amazonaws.com/
│   ├── PRIVATE: https://somebucket.dev.s3.amazonaws.com/logs/2014-10-11-21-44-41-0DE7B75AC6F56AB6 (276B)
│   ├── PRIVATE: https://somebucket.dev.s3.amazonaws.com/logs/2014-10-11-22-17-33-0EF1F7575568BC41 (374B)
│   ├── PRIVATE: https://somebucket.dev.s3.amazonaws.com/logs/2014-10-11-21-30-12-9517510CD37C9D98 (320B)
...
│   ├── PRIVATE: https://somebucket.dev.s3.amazonaws.com/logs/2014-11-07-09-34-44-A23E12B5C822DEB0 (375B)
│   ├── PRIVATE: https://somebucket.dev.s3.amazonaws.com/logs/2014-11-07-10-51-12-4DB562D370986482 (374B)
│   ├── PRIVATE: https://somebucket.dev.s3.amazonaws.com/logs/2014-11-07-11-17-56-A58FF2F17296FB3E (375B)
├── https://s3.amazonaws.com/someotherbucket/
│   ├──  PUBLIC: https://s3.amazonaws.com/someotherbucket/3-DuisUtRisusCursus.mp4 (9MB)
│   ├──  PUBLIC: https://s3.amazonaws.com/someotherbucket/crossdomain.xml (198B)
│   ├──  PUBLIC: https://s3.amazonaws.com/someotherbucket/6-AeneanLobortisRutrumLoremEuFermentum.mp4 (19MB)
...

The bucket_crawler script will find any public bucket in the database that hasn't been crawled yet, and can be run at any time.

Browsing the Loot

All the data collected by bucket_finder and bucket_crawler is stored in a simple database schema and can of course be queried in all kinds of interesting ways with SQL, but Bucketlist also includes a simple web application for browsing the information in a convenient way. You can start the web application with:

$ bin/webapp
== Sinatra (v2.0.0) has taken the stage on 3000 for production with backup from Thin
Thin web server (v1.7.2 codename Bachmanity)
Maximum connections set to 1024
Listening on 0.0.0.0:3000, CTRL+C to stop

Now you can browse to http://localhost:3000/ and go Bucket spelunking! Note from the startup output that the server listens on 0.0.0.0:3000, i.e. on all network interfaces, not only on localhost.

DISCLAIMER

This code is meant for security professionals. I take no responsibility and assume no liability for the manner in which this code is used by you.
