In Chapter 7, Reconnaissance – Identifying Vulnerable S3 Buckets, we saw how we can create a vulnerable S3 bucket. It's time to perform those steps again. Let's start by going to Services | S3:
- Create a new bucket, name it, and then go to Set permissions
- Disable all the settings given in the following screenshot and create the bucket:
- Go to the bucket's Access Control List and allow public read/write access:
- Save all the settings
Our vulnerable AWS infrastructure ...