Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
Follow me on Twitter: https://bbre.dev/tw

This video is an explanation of a $20,000 vulnerability in an S3 integration that I discovered in a private bug bounty program.

The video from 2021: https://www.youtube.com/watch?v=G7Pre3Y46Fs

Get $100 in credits for Digital Ocean: https://bbre.dev/do

Timestamps:

00:00 Intro
00:28 How did I approach my target?
01:50 How do S3 pre-signed URLs work?
04:36 The vulnerability
06:50 Escalating the impact
