GCP - Composer Enum

Tip

Nauči & vežbaj AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Nauči & vežbaj GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Nauči & vežbaj Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Podržite HackTricks

• Pogledajte subscription plans!
• Pridružite se 💬 Discord group or the telegram group or pratite nas na Twitter 🐦 @hacktricks_live.
• Podelite hacking tricks slanjem PR-ova na HackTricks i HackTricks Cloud github repos.

Osnovne informacije

Google Cloud Composer je potpuno upravljana usluga orkestracije radnih tokova zasnovana na Apache Airflow. Omogućava vam da kreirate, zakazujete i pratite pipeline-ove koji se protežu preko oblaka i lokalnih data centara. Sa GCP Composer-om, možete lako integrisati svoje radne tokove sa drugim Google Cloud uslugama, olakšavajući efikasne zadatke integracije i analize podataka. Ova usluga je dizajnirana da pojednostavi složenost upravljanja radnim tokovima podataka zasnovanim na oblaku, čineći je vrednim alatom za inženjere podataka i programere koji se bave obradom podataka velikih razmera.

Enumeration

# Get envs info
gcloud composer environments list --locations <loc>
gcloud composer environments describe --location <loc> <environment>

# Get list of dags
gcloud composer environments storage dags list --environment <environment> --location <loc>
# Download dags code
mkdir /tmp/dags
gcloud composer environments storage dags export --environment <environment> --location <loc> --destination /tmp/dags

# List Data from composer
gcloud composer environments storage data list --environment <environment> --location <loc>
# Download data
mkdir /tmp/data
gcloud composer environments storage data export --environment <environment> --location <loc> --destination /tmp/data

# List Plugins from composer
gcloud composer environments storage plugins list --environment <environment> --location <loc>
# Download plugins
mkdir /tmp/plugins
gcloud composer environments storage data export --environment <environment> --location <loc> --destination /tmp/plugins

Privesc

Na sledećoj stranici možete proveriti kako da zloupotrebite dozvole kompozitora za eskalaciju privilegija:

GCP - Composer Privesc

Tip

Nauči & vežbaj AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Nauči & vežbaj GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Nauči & vežbaj Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Podržite HackTricks

• Pogledajte subscription plans!
• Pridružite se 💬 Discord group or the telegram group or pratite nas na Twitter 🐦 @hacktricks_live.
• Podelite hacking tricks slanjem PR-ova na HackTricks i HackTricks Cloud github repos.