Test name: Amazon AWS S3 bucket takeover
The target application contains a reference to an S3 bucket that no longer exists. An attacker can register a new S3 bucket under the target's original S3 bucket name. The target application would use the new S3 bucket which is under the attacker's control. An attacker can populate the S3 bucket with malicious content or intercept legitimate traffic intended for the S3 bucket, potentially leading to data theft or other malicious activities.
This vulnerability causes the following consequences:
- Data breaches
- Malware distribution
- Negatively impact on the company reputation
The issue can be found in the source code on the response body, and subdomains using S3 buckets.
- Remove unused S3 buckets reference URLs from code