More Keys Than A Piano: Finding Secrets In Publicly Exposed Ebs Volumes

DEF CON 27

Presented by: Ben Morris
Date: Friday August 09, 2019
Time: 13:00 - 13:45
Location: Track 4

Did you know that Elastic Block Storage (Amazon EBS) has a "public" mode that makes your virtual hard disk available to anyone on the internet? Apparently hundreds of thousands of others didn't either, because they're out there exposing secrets for everyone to see.

I tore apart the petabytes of data for you and have some dirty laundry to air: encryption keys, passwords, authentication tokens, PII, you name it and it's here. Whole (virtual) hard drives to live sites and apps, just sitting there for anyone to read. So much data in fact that I had to invent a custom system to process it all.

There's a massive Wall of Sheep out there on the internet, and you might not have even noticed that you're on it. Actually, you should stop reading and go check that out right now.

Ben Morris

Ben Morris is a Security Associate at Bishop Fox, a consulting firm providing cybersecurity services to the Fortune 500, global financial institutions, and high-tech startups. In this role, he focuses on application penetration testing, network penetration testing, and red-teaming. Ben also enjoys performing drive-by pull requests on security tools and bumbling his way into vulnerabilities in widely used PHP and .NET frameworks and plugins. Ben has also contributed to Root the Box, a capture the flag security competition.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats