My $20,000 S3 bug that leaked everyone’s attachments - S3 bucket misconfig of pre-signed URLs

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw

This video is an explanation of a $20,000 vulnerability in S3 integration that I discovered in a private bug bounty program.

The @criticalthinkingpodcast episode with Alex Champan: https://youtu.be/zYjbItyOoRY?si=lv6-PIXQK5DdxQlF
The video from 2021: https://www.youtube.com/watch?v=G7Pre3Y46Fs

🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do

Timestamps:

00:00 Intro
00:28 How did I approach my target?
01:50 How do S3 pre-signed URLs work?
04:36 …

bounty bug bug bounty bug bounty program impact integration private program target timestamps urls video vulnerability work