Skip to content
/ RaST Public

Taking control over AWS subdomains with "NoSuchBucket" error

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

eremit4/RaST

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
configs
configs
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
rast.py
rast.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

RaST - Rapid Subdomain Takeover

This program is designed to create a proof of concept for the subdomain takeover vulnerability on pages hosted on AWS. The program checks if the "NoSuchBucket" error exists on the page and then creates a bucket with the same name and submits an index.html file for this bucket to consolidate the PoC. It is important to note that this program was created for a proof of concept. Any malicious action is the sole responsibility of the agent who performed it.

🕷️ Installing RaST

Clone the repository:

git clone https://github.com/eremit4/RaST.git

Install the libraries:

python -m pip install -r requirements.txt

🕶️ Prerequisites

Insert your AWS credentials in configs/config.json

{
  "ACCESS_KEY_ID": "",
  "SECRET_ACCESS_KEY": "",
  "REGION": ""
}

🕸️ Using RaST

Run the program:

python rast.py --help

📝 License

This project is under the MIT License.

About

Taking control over AWS subdomains with "NoSuchBucket" error

Topics

aws s3-bucket cloudfront s3-buckets takeover-subdomain

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages