肥皂的小屋
Follow
66
Followers
3
Followings
Patron
Home
Archives
Portfolios
Nft
About
Shotrs
漏洞挖掘
Latest
Hottest
Most Commented
记一次打偏的spring boot接口信息泄露导致AWS s3 bucket接管
挖某 SRC 的资产中发现某三级子域名历史解析的 IP 为 Amazon 服务器,发现该 IP 存在 springboot 接口泄露 通过解析拿到星号加密的 AWS_SECRET_ACCESS_KEY 的明文并成功访问容器资源 但是明知道打偏还是硬着头皮提交漏洞然后被忽略的苦逼…
SRC
2 min
3 years ago
Ownership of this blog data is guaranteed by blockchain and smart contracts to the creator alone.
Blockchain ID
#58006
Owner
0xa75bc050d20393dc83b0a7bba2974521594cb660
Transaction Hash
Creation 0x3f2e7120...5c02390f46
Last Update 0x8391bea2...c4f11ea2a4
IPFS Address
ipfs://QmZPvgAy4DSrPxhRfqaKk1XFDWT9LsxrBGLJ69FbRphrp6
