CTF Overview and Structure

This CTF event highlights how misconfigurations in cloud services translate directly into real security risks. The focus spans:

1. Pre-flight setup
2. Challenge 1 : IAM Misconfigurations
3. Challenge 2 : S3 Bucket Discovery
4. Challenge 3 : Public EBS Snapshot Enumeration
5. Rolling back AWS changes

General Rules Used in the Challenges

• Any tool or service could be used
• Challenge descriptions contain hidden hints , so reading carefully is essential.
• No lateral exploration ; flags exist only where described.
• Flags follow formats such as FLAG-(STRING) or FLAG00STRING00.

Pre-Flight Setup

Before diving into the challenges, users ensured their AWS CLI profile named securitymaster was configured. This profile stored specific access keys created earlier.

Verification Command

aws sts get-caller-identity --profile securitymaster

What it does:

• Calls the AWS Security Token Service (STS)
• Returns the AWS Account ID, ARN, and User ID tied to the configured credentials
• Confirms the profile is valid and can make API calls