📂 Enumeration
1. Domain Discovery
Navigating to the IP address revealed a static website. An email address mail@thetoppers.htb was found in the contact section.
I added this to my /etc/hosts file.
2. Subdomain Enumeration
I used gobuster to search for virtual hosts (subdomains) associated with thetoppers.htb.
Command:
gobuster vhost -w /usr/share/wordlists/amass/subdomains-top1mil-5000.txt -u http://thetoppers.htb --append-domain
Result: Discovered s3.thetoppers.htb.
3. S3 Bucket Interaction
Before interacting with the S3 bucket, ensured that the AWS CLI was installed and configured.
Setup Guide
After adding the new subdomain to /etc/hosts, I investigated the S3 service using the AWS CLI.
- Listing Buckets:
aws --endpoint=http://s3.thetoppers.htb/ s3 ls
- Listing Files in
thetoppers.htb:
aws --endpoint=http://s3.thetoppers.htb/ s3 ls s3://thetoppers.htb
Next Step