Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

POC Details: 80d159e5ab9060c3550dde7d283e0d88d6a24bc0

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/s3-username-disclosure.yaml
Associated Vulnerability

Likely 0-day

Description
Detected exposure of the x-amz-meta-s3cmd-attrs header in S3 objects, which can disclose sensitive information including the username (uname), user ID (uid), group name (gname), and group ID (gid) of the user who uploaded the file using s3cmd.
File Snapshot

 id: s3-username-disclosure

info:
  name: x-amz-meta-s3cmd-attrs Header Username Disclosure
  author

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.