Another day, another challenge.
Today’s blog post we will solve the second level of the flAWS CTF challenge.
To read the post for the first level click HERE.
Let’s get started.
Going to the URL: http://level2-c8b217a33fcf1f839f6f1f73a00a9ae7.flaws.cloud/, we see:
This challenge is similar to the level 1 except we need the free tier AWS account.
To complete that part of the challenge, click HERE.
Let’s list the bucket from level 2 and see if we can find anything.
We’re going to run the command we did in level 1:
aws s3 ls <s3 domain>
We will enter the command: aws s3 ls s3://level2-c8b217a33fcf1f839f6f1f73a00a9ae7.flaws.cloud/
Doing this we have:
We have a secret file titled, secret-e4443fc.
Let’s see if we can access this file.
Appending this file to the URL, we get:
Yay!! We have solved the challenge.