flAWS Level 2 #aws #flAWS #flaws

Another day, another challenge.

Today’s blog post we will solve the second level of the flAWS CTF challenge.

To read the post for the first level click HERE.

Let’s get started.

Going to the URL: http://level2-c8b217a33fcf1f839f6f1f73a00a9ae7.flaws.cloud/, we see:

flAWS_level_2_1flAWS_level_2_2

This challenge is similar to the level 1 except we need the free tier AWS account.

To complete that part of the challenge, click HERE.

Let’s list the bucket from level 2 and see if we can find anything.

We’re going to run the command we did in level 1:

aws s3 ls <s3 domain>

We will enter the command: aws s3 ls s3://level2-c8b217a33fcf1f839f6f1f73a00a9ae7.flaws.cloud/

Doing this we have:

flaws_level2_listing_directory

We have a secret file titled, secret-e4443fc.

Let’s see if we can access this file.

Appending this file to the URL, we get:

flAWS_level2_solved

Yay!! We have solved the challenge.

 

About birdofbeauty12

A computer security hopeful, who is blogging about her experiences in transitioning over to that field.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s