Amazon Web Services S3 Explorer - Detect

What is the "Amazon Web Services S3 Explorer - Detect?"

The "Amazon Web Services S3 Explorer - Detect" module is designed to detect misconfigurations in the Amazon Web Services (AWS) S3 Explorer page. It targets instances where the page contains the title "AWS S3 Explorer". This module has a medium severity level.

Impact

This module helps identify misconfigurations in the AWS S3 Explorer page, which can potentially lead to unauthorized access or exposure of sensitive data. By detecting these misconfigurations, organizations can take appropriate measures to secure their AWS S3 storage.

How the module works?

The module works by sending an HTTP GET request to the target URL, specifically to the path "/index.html". It then applies several matching conditions to determine if a misconfiguration exists:

- The module checks if the page title contains the text "AWS S3 Explorer". - It verifies if the response header includes the content type "text/html". - Lastly, it confirms if the response status code is "200" (OK).

If all these conditions are met, the module reports a potential misconfiguration in the AWS S3 Explorer page.

For example, the module would send an HTTP GET request to "https://example.com/index.html". If the response contains the title "AWS S3 Explorer", has the content type "text/html", and returns a status code of "200", the module would flag it as a misconfiguration.