Exploiting S3 bucket with path folder to Access PII info of A BANK

Hi, everyone

SPECIAL COVID-19 Note:

Story Behind the bug:

Here it goes:

Command used:

So the final command will look like this:

cat vul1.txt vul2.txt vul3.txt | sort -u >> unique_sub.txt

NOW the actual s3 hunting start:

https://XXXXX.s3.us-east-1.amazonaws.com/11XXXXXXXXXX012.pdf

Now The Actual Process How I got access to PII info:

https://XXXXX.s3.us-east-1.amazonaws.com/document/uploadXXXX.png

https://www.buymeacoffee.com/killmongar1996
https://www.buymeacoffee.com/killmongar1996
https://www.buymeacoffee.com/killmongar1996

Like to hack and break security code and denfense |Security Researcher |pentester | Bugbounty hunter | Pentration tester | CTF player | BUGBOUNTY