I hoped you enjoyed the video! If you want to learn even more with me, go to bbre.dev/premium
Thanks for the shout-out and congrats on the great bug!
Thanks for the great podcast!
I was roaming youtube for a some ideas of s3 buckets attacks. Your case is just a brilliant. Awesome bug. Thanks for sharing!
Great video! Congrats on the bounty :)
Awesome finding Grzegorz, congratulations :) Thank you for sharing all the details as well!
Thanks!
clean and clever! I already guessed what you got after reading your bounty tweet! congrats
Nice!😏
Congratulations!!!! I've recently taken a bit of a break from BB, but I intend to get back to it in the autumn.
Thanks! Come back, come back😏
This is an amazing finding, congrats mate!
Congrats for the bounty bro
Congratulations Greg!
I can feel that excitement, I feel the same when I catch a big fish!
Great explanation. Last third of the video was really valuable and very well explained.
Congrats on the bounty!
Nice finding!! 🎉
Congratulations on your bounty. You did great
Nice find thanks for sharing bro
At 8:00, I see you mentioned changing max-keys to list all filenames, folders,...
But somehow, when I tried adding the max-keys parameter, I got an error: "The request signature we calculated does not match the signature you provided. Check your key and signing method."
Please tell me how to list all filenames and folders using max-keys.
Thanks
max-keys is only used to control how many elements should be listed.
@@BugBountyReportsExplained But the default pre-signed URL method will list a maximum of 1000. How can you list more, as you mentioned in the video? Any param or any tricks.....
@@nguyenquockhanh3920 Try adding the param before you sign the URL.
@@BugBountyReportsExplained In the case of your report, how did you do it? Have you also tried adding this param before it signs and was it successful?
Nice video, thanks and congrats for the bounty
Thank you for this content--it's so eloquent!
hey bro thanks for sharing this video
now i have one more thing to spend more time in applications😅
do not stop ❤
cool, congrats. nice video all the best!
Need that PDF at 7:51, thank you.
awsdocs.s3.amazonaws.com/S3/latest/s3-qrc.pdf
Congrats mate, you just got a new sub ;)
God, awesome. 8:50: I've been learning about bug bounty and learning basic web development, SQL and Python since early this year (2023), but I'm still confused about how to report low-impact vulnerabilities. Do you have any suggestions for beginners in bug bounty?
Congratulations. This was a really interesting video. Btw, I would recommend that you fix the audio ups and downs between your face cam and the presentation.
Well done!
Finally this video happened. I found pre-signed URLs very interesting. Is the max expiry of a shareable object 12 hours or 7 days?
thank you for sharing
I didn't actually pay attention to the expiry of the signature.
In the third step, where you gave another account name, was that in the intercept (Burp) or by inspecting the Elements tab in the browser?
Where did you report the bug: to the target website or to Amazon?
The target; Amazon did nothing wrong here.
Great video! I'm interested to know how you replicated the vulnerable server code. Would you be able to share?
I asked ChatGPT how this functionality can be implemented in my target's technology and then asked it to build a small web app around it.
Amazing video. Thank you for the details. Quick question: when you provided the path of the directory in the filename (../), didn't the application perform any check for the file extension?
Nope, there was no check.
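The exchange above describes a server-side path traversal through a user-controlled filename that ends up in an S3 object key. The following is an added example, not the video author's or the target's code: the unchecked key construction beside a hardened version, plus a check that shows where a key resolves after path normalisation. The prefix layout `uploads/{account_id}/` and the extension allow-list are constructed for illustration.

```python
import posixpath
import re

# Constructed layout: each account's uploads live under its own prefix.
PREFIX_TEMPLATE = "uploads/{account_id}/"

# Allow-list for the final filename: an alphanumeric first character, then
# only alphanumerics, dot, underscore and hyphen. Slashes, backslashes,
# percent signs and a leading dot are rejected, so "..", "../" and
# "%2e%2e" all fail regardless of any later URL decoding.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")
ALLOWED_EXT = {".png", ".jpg", ".jpeg", ".gif", ".pdf"}  # constructed


def build_key_unsafe(account_id: str, filename: str) -> str:
    """Vulnerable pattern: the user-supplied filename is concatenated into
    the object key with no check at all. A filename of "../" yields a key
    that, once the URL layer normalises it, points at the parent prefix."""
    return PREFIX_TEMPLATE.format(account_id=account_id) + filename


def escapes_prefix(key: str, account_id: str) -> bool:
    """True when the key, after path normalisation, lands outside the
    caller's own prefix (a parent folder or the bucket root, where a
    pre-signed GET no longer fetches one object but lists the bucket)."""
    prefix = PREFIX_TEMPLATE.format(account_id=account_id)
    normalized = posixpath.normpath(key)
    return not (normalized + "/").startswith(prefix)


def validate_filename(filename: str) -> bool:
    """Accept only a bare filename with an allow-listed extension."""
    # Reduce to the final path component first: "a/../../x.png" -> "x.png".
    base = posixpath.basename(filename.replace("\\", "/"))
    if not SAFE_NAME.match(base):
        return False
    return posixpath.splitext(base)[1].lower() in ALLOWED_EXT


def build_key_safe(account_id: str, filename: str) -> str:
    """Hardened version: validate the name, build the key, then re-check
    that the result still sits under the caller's prefix (defence in depth).
    account_id is assumed to come from the session, not from the request."""
    if not validate_filename(filename):
        raise ValueError(f"rejected filename: {filename!r}")
    base = posixpath.basename(filename.replace("\\", "/"))
    key = PREFIX_TEMPLATE.format(account_id=account_id) + base
    if escapes_prefix(key, account_id):
        raise ValueError("object key escaped the account prefix")
    return key
```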
Love your channel bro
Congratulations!🎉
I got the same bug and the team only awarded 3.5K
It's still nice money.
@@alperkaya8919 many programs deal with each researcher differently.
Great, and also thanks a lot for the video.... Can you please provide the AWS S3 param list PDF file you showed in the video?
Damnn! Congrats:)
Awesome information
If you could list the bucket with ../ as the file name, the bucket seems public. Did you try to list the bucket through the AWS CLI?
Yes, I think I have.
Well done dude
The fact that they use direct links to images on S3 should be a red flag - GET from S3 is expensive and AFAIK can't handle big scale.
But didn't it expire after 3600 seconds, due to the X-Amz-Expires parameter?
It does, but why would that be a problem?
Congratulations
What microphone are you using?
Rode NT-USB
Congratulations nice bug❤
great Bud
Amazing bug!
well explained!
Awesome sir👍
Congratulations!
Nice finding!
Greetings from mateuszek on h1 :)
I recognise you from more than one leaderboard ;) I hope we'll meet at some conference.
thanks for sharing
Like the video, thanks for sharing. The audio levels are a bit weird. It seems like when you toggle between screen share and face cam there's some difference in the audio. Kinda jumpscared me.
Yep, sorry for scaring you! I didn't normalise the audio level across different clips, and I uploaded it just before leaving and didn't have time to fix it.
Thanks
@BugBountyReportsExplained Hi bro. Congrats on your bounty! I have one small request. When you try to explain a vulnerability with multiple accounts of a program, please use terms like Account A and Account B instead of "my account" and "another account". It would be very understandable. Rest you are doing amazing. Thanks for the knowledge sharing!
Do you want to say you had a problem with understanding this server-side path traversal bug just because I used the terms my account and victim's account instead of account A and B?🤔
@@BugBountyReportsExplained Yes. But not for myself. Some of my friends are also learning from your channel. I cleared a doubt for them this time. It's their request.
Good job, mate :)
Thanks!
4:13
Smart guy.
Cool bug
Amazing
🎉
Congrats, keep uploading videos.
Congratulations