GCP - Secretmanager Privesc

Tip

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Jifunze na fanya mazoezi ya Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

secretmanager

Kwa taarifa zaidi kuhusu secretmanager:

GCP - Secrets Manager Enum

secretmanager.versions.access

Hii inakupa ufikiaji wa kusoma secrets kutoka secret manager na inaweza kusaidia kupata ruhusa zaidi (kutegemea ni taarifa gani zimehifadhiwa ndani ya secret):

Pata toleo la secret kwa maandishi wazi ```bash # Get clear-text of version 1 of secret: "" gcloud secrets versions access 1 --secret="" ```

Kwa kuwa hii pia ni mbinu ya post exploitation inaweza kupatikana katika:

GCP - Secretmanager Post Exploitation

secretmanager.secrets.setIamPolicy

Hii inakupa uwezo wa kusoma secrets kutoka secret manager, kwa kutumia:

Add IAM policy binding to secret ```bash gcloud secrets add-iam-policy-binding \ --member="serviceAccount:@$PROJECT_ID.iam.gserviceaccount.com" \ --role="roles/secretmanager.secretAccessor" ``` Au ondoa sera kwa: ```bash gcloud secrets remove-iam-policy-binding \ --member="serviceAccount:@.iam.gserviceaccount.com" \ --role="roles/secretmanager.secretAccessor" ```

Tip

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Jifunze na fanya mazoezi ya Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks