This vulnerability is found by the Guest author Venkat and published on his behalf.
On June 9th
Just scrolling down on the directory of Hackerone. While trying to find some good bug bounty program, Amazon Vulnerability Research Program caught my eyes.
I thought “Why don’t we try Amazon?”
So, I started looking at their bounty program’s policy and scopes. Let’s start hacking.
TIME: 11:30AM IST
As usual Started with GITHUB. Amazon have lot of repositories. Where some of them are public and few are private and others are internal repositories.
From GitHub docs: Public repositories are accessible to everyone on the internet. Private repositories are only accessible to you, people you explicitly share access with, and, for organization repositories, certain organization members. Internal repositories are accessible to enterprise members.
Does Amazon’s public repositories contain any sensitive information?
Maybe we can try with third party.
I have Collected the keywords related to Amazon.com
Eg: email, password, phone number, st no, credit card, debit card etc.,
Tried with GitHub dorks and checking the third-party repositories. I still couldn’t find any sensitive information.
What about AWS?
Ok. Maybe we can try with AWS. Collected keywords related to AWS and using it with GitHub dorks. Got some sensitive information but not worth it.
TIME: 12:00PM IST
Tried with all keywords. No use till now.
Did I miss any keywords in the list?
Maybe. So decided to search for any keywords in Amazon app.
Whenever I try to place order in Amazon. First thing I check is customer’s review. In customer reviews section, we can see the username of the customer, rating and review of the product.
Yeah, I missed the username in the list.
Tried with Username keyword in GitHub dorks.
Then I GOT IT!
The sensitive information which I got from that repository is
- Able to get PII of 1127 employees. PII contains username, login ID, location of the building, department name, job title, phone number.
- PII of Andy Jassy and other higher official leaked.
- Source code of one of the AWS projects.
PII OF AWS WORKERS