capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 17 – Elf Leaks #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our seventeenth challenge, we’re presented with a scenario where the Grinch has posted an email to everyone at the Best Festival Company detailing everyone’s name and date of birth. McSkidy talks with McInfra to determine the origin of the breach.

The topic explored in this challenge is AWS S3 (Simple Storage Service) and AWS IAM (Identity and Access Management). S3 is one of AWS oldest services and store files in buckets. These buckets can be stored publicly and privately (this will be useful in our challenge). For AWS IAM, there are two different keys that are useful for this service, access key IDs that start with AKIA and short-term credentials that start with ASIA. This will also be helpful in our challenge.

Can McSkidy find the origin of the breach? Find out below!

If you enjoy my content, buy me a coffee. Link –>

Leave a Reply