Enumerate AWS Organization ID

How to enumerate the AWS Organization ID

Methods to Enumerate AWS Organization ID

Using an S3 Bucket Name

Knowing the name of an AWS S3 bucket, we can use conditional-love to identify the organization ID
The bucket must be public or otherwise accessible by the IAM Role used

./conditional-love.py --profile dev --role arn:aws:iam::111111111111:role/s3-cracker --target tylerguessmyorg --action=s3:HeadObject --condition=aws:ResourceOrgID --alphabet=abcdefghijklmnopqrstuvwxyz-

Starting to be wrong. Please be patient...
=> o
=> o-
=> o-a
=> o-ab
=> o-abe
=> o-abek
=> o-abekz

PreviousAWS Attacks and Techniques NextEnumerate AWS Account IDs

Last updated 4 days ago

Was this helpful?