Chain of hacks leading to Database Compromise!

Figure captions from the original post, in order (the images themselves did not survive extraction):

downloadcallback/download_handler.php?path=
/etc/passwd file
Reading other sensitive files via LFI
download_handler.php
SSRF
SSRF leads to access to /etc/passwd
ElasticBeanstalk in use
AWS Instance User Data
AWS Instance MetaData
AWS Metadata — Retrieving the Account ID and Region
http://169.254.169.254/latest/meta-data/iam/security-credentials/aws-elasticbeanstalk-ec2-role
AWS Account access ID and access Key
Configuring AWS Command Line Interface
Recursively copying all the S3 Bucket content

Security Engineer @Microsoft | DevSecOps | Speaker | Breaking stuff to learn | Featured in Forbes, BBC | Acknowledged by Google, NASA, Yahoo, UN etc.

Avinash Jain (@logicbomb)