Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
DigitalOcean Spaces are object storage services. They allow users to store and serve large amounts of data, such as images and other files, in a scalable and cost-effective way. Spaces can be accessed via the DigitalOcean control panel, or using the DigitalOcean API, and are integrated with other DigitalOcean services such as Droplets (virtual private servers) and Load Balancers.
Spaces can be public (anyone can access them from the Internet) or private (only authorised users). To access the files from a private space outside of the Control Panel, we need to generate an access key and secret. These are a pair of random tokens that serve as a username and password to grant access to your Space.
A URL of a space looks like this: https://uniqbucketname.fra1.digitaloceanspaces.com/
Note the region as subdomain.
Even if the space is public, files inside of it can be private (you will be able to access them only with credentials).
However, even if the file is private, from the console it's possible to share a file with a link such as https://fra1.digitaloceanspaces.com/uniqbucketname/filename?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=DO00PL3RA373GBV4TRF7%2F20221213%2Ffra1%2Fs3%2Faws4_request&X-Amz-Date=20221213T121017Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=6a183dbc42453a8d30d7cd2068b66aeb9ebc066123629d44a8108115def975bc for a period of time:
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
