https://github.com/hahwul/s3reverse

The format of various s3 buckets is convert in one format. for bugbounty and security testing.
https://github.com/hahwul/s3reverse

aws bugbounty s3 security utility

Last synced: about 1 month ago
JSON representation

The format of various s3 buckets is convert in one format. for bugbounty and security testing.

• Host: GitHub
• URL: https://github.com/hahwul/s3reverse
• Owner: hahwul
• License: mit
• Created: 2020-03-20T15:45:13.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2023-05-06T07:37:24.000Z (over 1 year ago)
• Last Synced: 2024-10-25T01:32:40.013Z (about 2 months ago)
• Topics: aws, bugbounty, s3, security, utility
• Language: Go
• Homepage:
• Size: 3.67 MB
• Stars: 83
• Watchers: 6
• Forks: 27
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE.txt

Awesome Lists containing this project

• awesome-bugbounty-tools - s3reverse - The format of various s3 buckets is convert in one format. for bugbounty and security testing. (Miscellaneous / Buckets)
• WebHackersWeapons - s3reverse

README

        
# s3reverse

    

## Install

### go get 

```cassandraql

$ go get -u github.com/hahwul/s3reverse

```

### snap

```

snap install s3reverse

```

### brew

```

$ brew tap hahwul/s3reverse

$ brew install s3reverse

```

## Usage

### Input options

Basic Usage

```cassandraql

8""""8 eeee       8"""8  8"""" 88   8 8"""" 8"""8  8""""8 8""""

8         8       8   8  8     88   8 8     8   8  8      8

8eeeee    8       8eee8e 8eeee 88  e8 8eeee 8eee8e 8eeeee 8eeee

    88 eee8  eeee 88   8 88    "8  8  88    88   8     88 88

e   88    88      88   8 88     8  8  88    88   8 e   88 88

8eee88 eee88      88   8 88eee  8ee8  88eee 88   8 8eee88 88eee

by @hahwul

Usage of ./s3reverse:

  -iL string

    	input List

  -oA string

    	Write output in Array format (optional)

  -oN string

    	Write output in Normal format (optional)

  -tN

    	to name

  -tP

    	to path-style

  -tS

    	to s3 url

  -tV

    	to virtual-hosted-style

  -verify

    	testing bucket(acl,takeover)

```

Using from file

```cassandraql

$ s3reverse -iL sample -tN

udemy-web-upload-transitional

github-cloud

github-production-repository-file-5c1aeb

github-production-upload-manifest-file-7fdce7

github-production-user-asset-6210df

github-education-web

github-jobs

s3-us-west-2.amazonaws.com

optimizely

app-usa-modeast-prod-a01239f

doc

swipely-merchant-assets

adslfjasldfkjasldkfjalsdfkajsljasldf

cbphotovideo

cbphotovideo-eu

public.chaturbate.com

wowdvr

cbvideoupload

testbuckettesttest

```

Using from pipeline

```cassandraql

$ cat sample | s3reverse -tN

udemy-web-upload-transitional

github-cloud

github-production-repository-file-5c1aeb

github-production-upload-manifest-file-7fdce7

github-production-user-asset-6210df

github-education-web

github-jobs

s3-us-west-2.amazonaws.com

optimizely

app-usa-modeast-prod-a01239f

doc

swipely-merchant-assets

adslfjasldfkjasldkfjalsdfkajsljasldf

cbphotovideo

cbphotovideo-eu

public.chaturbate.com

wowdvr

cbvideoupload

testbuckettesttest

```

### Output options

to Name

```cassandraql

$ s3reverse -iL sample -tN

udemy-web-upload-transitional

github-cloud

github-production-repository-file-5c1aeb

github-production-upload-manifest-file-7fdce7

... snip ...

```

to Path Style

```cassandraql

$ s3reverse -iL sample -tP

https://s3.amazonaws.com/udemy-web-upload-transitional

https://s3.amazonaws.com/github-cloud

https://s3.amazonaws.com/github-production-repository-file-5c1aeb

... snip ...

```

to Virtual Hosted Style

```cassandraql

$ s3reverse -iL sample -tV

udemy-web-upload-transitional.s3.amazonaws.com

github-cloud.s3.amazonaws.com

github-production-repository-file-5c1aeb.s3.amazonaws.com

github-production-upload-manifest-file-7fdce7.s3.amazonaws.com

github-production-user-asset-6210df.s3.amazonaws.com

... snip ...

```

### Verify mode

```cassandraql

$ s3reverse -iL sample -verify

[NoSuchBucket] adslfjasldfkjasldkfjalsdfkajsljasldf

[PublicAccessDenied] github-production-user-asset-6210df

[PublicAccessDenied] github-jobs

[PublicAccessDenied] public.chaturbate.com

[PublicAccessDenied] github-education-web

[PublicAccessDenied] github-production-repository-file-5c1aeb

[PublicAccessDenied] testbuckettesttest

[PublicAccessDenied] app-usa-modeast-prod-a01239f

[PublicAccessGranted] cbphotovideo-eu

[PublicAccessDenied] swipely-merchant-assets

[PublicAccessDenied] optimizely

[PublicAccessDenied] wowdvr

[PublicAccessGranted] s3-us-west-2.amazonaws.com

[PublicAccessDenied] cbphotovideo

[PublicAccessDenied] cbvideoupload

[PublicAccessDenied] github-production-upload-manifest-file-7fdce7

[PublicAccessDenied] doc

[PublicAccessDenied] udemy-web-upload-transitional

[PublicAccessDenied] github-cloud

```

## Case study

Pipelining `meg`, `s3reverse`, `gf` , `s3scanner` for Find S3 Misconfiguration.

```cassandraql

$ meg -d 1000 -v / ; cd out ; gf s3-buckets | s3reverse -tN > buckets ; s3scanner buckets

```

Find S3 bucket takeover

```cassandraql

$ meg -d 1000 -v / ; cd out ; gf s3-buckets | s3reverse -verify | grep NoSuchBucket > takeovers

```

## Contributors

[![](/CONTRIBUTORS.svg)](https://github.com/hahwul/s3reverse/graphs/contributors)