Enumerate S3 Buckets using lazys3

Süleyman Çelik
3 min read · Nov 25, 2021

Overview of Enumeration Tools

Enumeration tools collect detailed information about target systems that can then be used to exploit them. The information collected by S3 enumeration tools consists of a list of misconfigured S3 buckets that are publicly accessible. Attackers can exploit these buckets to gain unauthorized access to them and can then modify, delete, and exfiltrate the bucket content.

Task: Enumerate S3 Buckets using lazys3

lazys3 is a Ruby script that brute-forces AWS S3 bucket names using different permutations. It finds publicly accessible S3 buckets and also lets you search for the S3 buckets of a specific company by entering the company name.

- Open Parrot Security to switch to the Parrot Security machine.

- Click the MATE Terminal icon at the top of the Desktop window to open a Terminal window.

- A Parrot Terminal window appears. In the terminal window, type sudo su and press Enter to run the programs as a root user.

- The password that you type will not be visible.

- Now, type cd and press Enter to jump to the root user's home directory.

- In the terminal window, type cd lazys3 and press Enter to navigate to the cloned repository.

- In the lazys3 folder, type ls and press Enter to list the folder content.

- The folder content is displayed; here, we will run the lazys3.rb script to find the public S3 buckets.

- Now, type ruby lazys3.rb and press Enter.

- A list of public S3 buckets is displayed, as shown in the screenshot.

- Press Ctrl+Z to stop the script.

- You can search the S3 buckets of a specific company. To do so, type ruby lazys3.rb [Company] and press Enter.

- Here, the target company name is HackerOne; you can enter the company name of your choice.

- The result appears, showing the obtained list of S3 buckets of the specified company.

- It will take some time to obtain a complete list of the available S3 buckets.

- This concludes the demonstration of enumerating public S3 buckets.
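
From the bucket owner's side, a name-permutation sweep like the one above appears in S3 server access logs as unauthenticated bucket-level requests from one source across several buckets. The following is an added example, not part of the original post or of lazys3: it assumes server access logging is enabled, and the log lines, bucket names, IPs and the three-bucket threshold are all constructed for illustration.

```ruby
# Added example (not from lazys3 or the original post). Assumes S3 server
# access logging is enabled on the buckets being monitored.
require "set"

# Constructed sample lines in the S3 server access log layout; the owner ID,
# bucket names, IPs and request IDs are made up.
SAMPLE_LOG = <<~LOG
  79a5EXAMPLE acme-dev [25/Nov/2021:10:00:01 +0000] 198.51.100.7 - 3E57A1 REST.GET.BUCKET - "GET / HTTP/1.1" 403 AccessDenied 243 - 12 - "-" "Ruby" -
  79a5EXAMPLE acme-prod [25/Nov/2021:10:00:02 +0000] 198.51.100.7 - 3E57A2 REST.GET.BUCKET - "GET / HTTP/1.1" 403 AccessDenied 243 - 11 - "-" "Ruby" -
  79a5EXAMPLE acme-backup [25/Nov/2021:10:00:03 +0000] 198.51.100.7 - 3E57A3 REST.GET.BUCKET - "GET / HTTP/1.1" 200 - 1520 - 20 19 "-" "Ruby" -
  79a5EXAMPLE acme-dev [25/Nov/2021:10:05:00 +0000] 203.0.113.20 arn:aws:iam::111122223333:user/backup 3E57B1 REST.GET.BUCKET - "GET / HTTP/1.1" 200 - 900 - 15 14 "-" "aws-cli" -
  79a5EXAMPLE acme-prod [25/Nov/2021:10:05:01 +0000] 203.0.113.20 arn:aws:iam::111122223333:user/backup 3E57B2 REST.GET.BUCKET - "GET / HTTP/1.1" 200 - 900 - 15 14 "-" "aws-cli" -
  79a5EXAMPLE acme-backup [25/Nov/2021:10:05:02 +0000] 203.0.113.20 arn:aws:iam::111122223333:user/backup 3E57B3 REST.GET.BUCKET - "GET / HTTP/1.1" 200 - 900 - 15 14 "-" "aws-cli" -
  79a5EXAMPLE acme-static [25/Nov/2021:10:06:00 +0000] 192.0.2.5 - 3E57C1 REST.GET.OBJECT logo.png "GET /logo.png HTTP/1.1" 200 - 4096 4096 9 8 "-" "Mozilla/5.0" -
LOG

# Leading fields: owner bucket [time] remote_ip requester request_id
# operation key "request-uri" http_status error_code
LINE_RE = /\A(\S+) (\S+) \[([^\]]+)\] (\S+) (\S+) (\S+) (\S+) (\S+) "([^"]*)" (\d{3}|-) (\S+)/

# Returns a hash of the fields the detection needs, or nil for unparseable lines.
def parse_line(line)
  m = LINE_RE.match(line) or return nil
  { bucket: m[2], ip: m[4], requester: m[5], operation: m[7], status: m[10].to_i }
end

# Groups anonymous (requester "-") bucket-level requests by source IP and
# reports sources that touched at least min_buckets distinct buckets.
# min_buckets is an assumed threshold; tune it to your own traffic.
def enumeration_suspects(log_text, min_buckets: 3)
  by_ip = Hash.new { |h, k| h[k] = { buckets: Set.new, exposed: Set.new } }
  log_text.each_line do |line|
    e = parse_line(line.strip)
    next unless e && e[:requester] == "-" && e[:operation].end_with?(".BUCKET")
    by_ip[e[:ip]][:buckets] << e[:bucket]
    # A 200 to an anonymous bucket request means the bucket answered publicly.
    by_ip[e[:ip]][:exposed] << e[:bucket] if e[:status] == 200
  end
  by_ip.select { |_, v| v[:buckets].size >= min_buckets }
       .map { |ip, v| { ip: ip, probed: v[:buckets].sort, exposed: v[:exposed].sort } }
end

puts enumeration_suspects(SAMPLE_LOG).inspect if __FILE__ == $PROGRAM_NAME
```

Any bucket listed under exposed answered an unauthenticated request with 200 and should be reviewed against its bucket policy, ACL and Block Public Access settings.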

Süleyman Çelik

Network Security Engineer, SOC-Siem Engineer, Cyber Security Researcher, Vulnerability Management Specialist | CEH | CNSS