Discover the AWS Account ID of any S3 bucket
2024-06-17, Breakout 2

This talk presents a new technique for discovering the AWS Account ID of private S3 buckets, something that was previously only possible for public buckets. We’ll break down this intricate technique, invite participants to consider where else they could apply a similar approach, and explore the implications of S3 buckets’ Account IDs now becoming public. We’ll use the interaction of IAM condition keys, VPC Endpoint policies and CloudTrail to uncover the account ID of a bucket to which we don’t have access.

Sam is the CTO & co-founder of Tracebit, where he’s building a platform that deploys and leverages cloud honeypots for intrusion detection. He previously led engineering teams at Tessian to architect and build cloud-native SMTP gateways at scale. He’s interested in all things cloud security and is particularly susceptible to going down any rabbit holes involving CloudTrail!