DO - Spaces

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Basic Information

DigitalOcean Spaces ni huduma za uhifadhi wa vitu. Zinawaruhusu watumiaji kuhifadhi na kuhudumia kiasi kikubwa cha data, kama picha na faili nyingine, kwa njia inayoweza kupanuka na yenye gharama nafuu. Spaces zinaweza kufikiwa kupitia paneli ya kudhibiti ya DigitalOcean, au kwa kutumia API ya DigitalOcean, na zimeunganishwa na huduma nyingine za DigitalOcean kama Droplets (seva binafsi za virtual) na Load Balancers.

Access

Spaces zinaweza kuwa za umma (kila mtu anaweza kuzifikia kutoka kwenye Mtandao) au za faragha (watumiaji walioidhinishwa tu). Ili kufikia faili kutoka kwenye nafasi ya faragha nje ya Paneli ya Kudhibiti, tunahitaji kuunda funguo ya ufikiaji na siri. Hizi ni jozi ya alama za nasibu ambazo zinatumika kama jina la mtumiaji na nenosiri kutoa ufikiaji kwa nafasi yako.

URL ya nafasi inaonekana kama hii: https://uniqbucketname.fra1.digitaloceanspaces.com/ Kumbuka eneo kama subdomain.

Hata kama nafasi ni ya umma, faili ndani yake zinaweza kuwa za faragha (utaweza kuzifikia tu kwa kutumia taarifa za kuingia).

Hata hivyo, hata kama faili ni ya faragha, kutoka kwenye console inawezekana kushiriki faili kwa kiungo kama https://fra1.digitaloceanspaces.com/uniqbucketname/filename?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=DO00PL3RA373GBV4TRF7%2F20221213%2Ffra1%2Fs3%2Faws4_request&X-Amz-Date=20221213T121017Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=6a183dbc42453a8d30d7cd2068b66aeb9ebc066123629d44a8108115def975bc kwa kipindi fulani:

Enumeration

# Unauthenticated
## Note how the region is specified in the endpoint
aws s3 ls --endpoint=https://fra1.digitaloceanspaces.com --no-sign-request s3://uniqbucketname

# Authenticated
## Configure spaces keys as AWS credentials
aws configure
AWS Access Key ID [None]: <spaces_key>
AWS Secret Access Key [None]: <Secret>
Default region name [None]:
Default output format [None]:

## List all buckets in a region
aws s3 ls --endpoint=https://fra1.digitaloceanspaces.com

## List files inside a bucket
aws s3 ls --endpoint=https://fra1.digitaloceanspaces.com s3://uniqbucketname

## It's also possible to generate authorized access to buckets from the API

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousDO - Projects NextDO - Volumes

Last updated 3 days ago