A Python script for AWS S3 bucket enumeration.
Inspired by a conversation with Instacart’s @nickelser on HackerOne, I’ve optimized and published Sandcastle – a Python script for AWS S3 bucket enumeration, formerly known as bucketCrawler.
The script takes a target’s name as the stem argument (e.g. shopify) and iterates through a file of bucket name permutations, such as the ones below:
-training
-bucket
-dev
-attachments
-photos
-elasticsearch
[...]
Download
git clone https://github.com/Parasimpaticki/sandcastle.git
Use
usage: sandcastle.py [-h] (-t targetStem | -f inputFile) [-b bucketFile]
                     [-o outputFile]

arguments:
  -h, --help            show this help message and exit
  -t targetStem, --target targetStem
                        Select a target stem name (e.g. 'shopify')
  -f inputFile, --file inputFile
                        Select a target list file
  -b bucketFile, --bucket-list bucketFile
                        Select a bucket permutation file (default: bucket-names.txt)
  -o outputFile, --output outputFile
                        Select a output file
Status codes and testing
| Status code | Definition | Notes |
|---|---|---|
| 404 | Bucket Not Found | Not a target for analysis (hidden by default) |
| 403 | Access Denied | Potential target for analysis via the CLI |
| 200 | Publicly Accessible | Potential target for analysis via the CLI |
____ __ __ __
/ __/__ ____ ___/ /______ ____ / /_/ /__
_\ \/ _ `/ _ \/ _ / __/ _ `(_-</ __/ / -_)
/___/\_,_/_//_/\_,_/\__/\_,_/___/\__/_/\__/
S3 bucket enumeration // release v1.2.5 // ysx
[*] Commencing enumeration of 'shopify', reading 163 lines from 'bucket-names.txt'.
[+] Checking potential match: shopify-content --> 403
An error occurred (AccessDenied) when calling the ListObjects operation: Access Denied
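The status codes above are what the scanning side sees; a bucket owner sees the same probes as anonymous bucket-level requests in S3 server access logs. The following is an added example (not part of Sandcastle or the original page) that parses constructed log lines, flags anonymous sources touching several buckets, and lists any bucket that answered 200. It assumes server access logging is enabled on the buckets; the function names, the threshold and the `examplecorp-*` bucket names are illustrative.

```python
import re
from collections import defaultdict

# Constructed S3 server access log lines (not real traffic). Leading fields:
# owner bucket [time] remote-ip requester request-id operation key "request-uri" status error ...
SAMPLE_LOGS = """\
ownerid examplecorp-dev [06/Feb/2019:00:00:01 +0000] 198.51.100.7 - REQ1 REST.HEAD.BUCKET - "HEAD / HTTP/1.1" 403 AccessDenied 243 - 5 - "-" "python-requests/2.18" -
ownerid examplecorp-photos [06/Feb/2019:00:00:02 +0000] 198.51.100.7 - REQ2 REST.HEAD.BUCKET - "HEAD / HTTP/1.1" 200 - - - 6 5 "-" "python-requests/2.18" -
ownerid examplecorp-attachments [06/Feb/2019:00:00:03 +0000] 198.51.100.7 - REQ3 REST.GET.BUCKET - "GET / HTTP/1.1" 403 AccessDenied 243 - 4 - "-" "aws-cli/1.11" -
ownerid examplecorp-dev [06/Feb/2019:00:05:00 +0000] 203.0.113.9 arn:aws:iam::111122223333:user/ci REQ4 REST.GET.OBJECT build.zip "GET /build.zip HTTP/1.1" 200 - 1024 1024 20 19 "-" "aws-sdk" -
ownerid examplecorp-dev [06/Feb/2019:00:06:00 +0000] 192.0.2.44 - REQ5 REST.GET.BUCKET - "GET / HTTP/1.1" 403 AccessDenied 243 - 4 - "-" "curl/7.58" -
"""

LINE = re.compile(
    r'^\S+ (?P<bucket>\S+) \[[^\]]+\] (?P<ip>\S+) (?P<requester>\S+) \S+ '
    r'(?P<op>\S+) \S+ "[^"]*" (?P<status>\d{3}) '
)
# Bucket-level operations: HEAD on the bucket and object listing.
BUCKET_OPS = {"REST.HEAD.BUCKET", "REST.GET.BUCKET"}


def anonymous_probes(log_text):
    """Map remote IP -> {bucket: last status} for unauthenticated bucket-level requests."""
    seen = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE.match(line)
        # Requester "-" marks an unauthenticated request in this log format.
        if m and m["requester"] == "-" and m["op"] in BUCKET_OPS:
            seen[m["ip"]][m["bucket"]] = int(m["status"])
    return dict(seen)


def find_sweeps(probes, min_buckets=3):
    """Sources that touched at least min_buckets distinct buckets (illustrative threshold)."""
    return {ip: b for ip, b in probes.items() if len(b) >= min_buckets}


def exposed_buckets(probes):
    """Buckets that returned 200 to an anonymous bucket-level request."""
    return sorted({b for hits in probes.values() for b, s in hits.items() if s == 200})


if __name__ == "__main__":
    probes = anonymous_probes(SAMPLE_LOGS)
    for ip, hits in find_sweeps(probes).items():
        print(f"possible enumeration from {ip}: {hits}")
    print("anonymously accessible:", exposed_buckets(probes))
```

Buckets reported by `exposed_buckets` are the ones to review first, for example with the account-level Block Public Access settings.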
Copyright (c) 2017 Yasin Soliman
Source: https://github.com/Parasimpaticki/