How I Found An S3 Vulnerability.

It all started back in 2018 with the below email: I selected the link within the email it brought me to the following URL. Notice it’s a straight S3 link to a public S3 URL, with PII in it. (Take my word on that) :). So I sent this email: To which they responded: Now, remember, this is 2018: right at the height of the S3 bucket madness. You couldn’t go a single month wiRead More…

Dell N Series – No Free IP Address To Offer In Pool

At this site we installed a new Dell N Series core replacing a bunch of old junk. As I’m doing the new build I moved all the DHCP requests to the core and away from windows which took care of all the DHCP requests. This was on a off day with no one around (Duh replacing the core) and I was not really worried. After about 30 minutes my console is filling up with the below messages. Note: Yes it’Read More…