diff --git a/src/SUMMARY.md b/src/SUMMARY.md index 761c78f63..71ea2e437 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -104,6 +104,7 @@ - [GCP - Pub/Sub Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.md) - [GCP - Secretmanager Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-secretmanager-post-exploitation.md) - [GCP - Security Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.md) + - [GCP - Vertex AI Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md) - [GCP - Workflows Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-workflows-post-exploitation.md) - [GCP - Storage Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-storage-post-exploitation.md) - [GCP - Privilege Escalation](pentesting-cloud/gcp-security/gcp-privilege-escalation/README.md) @@ -197,7 +198,6 @@ - [GCP - Spanner Enum](pentesting-cloud/gcp-security/gcp-services/gcp-spanner-enum.md) - [GCP - Stackdriver Enum](pentesting-cloud/gcp-security/gcp-services/gcp-stackdriver-enum.md) - [GCP - Storage Enum](pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.md) - - [GCP - Vertex AI Agent Engine Abuse](pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-agent-engine-abuse.md) - [GCP - Vertex AI Enum](pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md) - [GCP - Workflows Enum](pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.md) - [GCP <--> Workspace Pivoting](pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/README.md) diff --git a/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-agent-engine-abuse.md b/src/pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md similarity index 98% rename from src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-agent-engine-abuse.md rename to src/pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md index f3edf2cc7..c54d3c285 100644 --- a/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-agent-engine-abuse.md +++ b/src/pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md @@ -1,4 +1,4 @@ -# GCP - Vertex AI Agent Engine Abuse +# GCP - Vertex AI Post Exploitation {{#include ../../../banners/hacktricks-training.md}} @@ -9,7 +9,7 @@ This page focuses on **Vertex AI Agent Engine / Reasoning Engine** workloads tha For the general Vertex AI overview check: {{#ref}} -gcp-vertex-ai-enum.md +../gcp-services/gcp-vertex-ai-enum.md {{#endref}} For classic Vertex AI privesc paths using custom jobs, models, and endpoints check: @@ -182,7 +182,7 @@ This is valuable even if write access is blocked because it exposes: For more Artifact Registry background check: {{#ref}} -gcp-artifact-registry-enum.md +../gcp-services/gcp-artifact-registry-enum.md {{#endref}} ## Tenant-project pivot: deployment artifact retrieval diff --git a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md index 0c6fe3886..966eeee0b 100644 --- a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md +++ b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md @@ -42,7 +42,7 @@ An attacker with the mentioned permissions will be able to **request an access t For a **resource-driven** variant where attacker-controlled code steals a **managed Vertex AI Agent Engine runtime token** from the metadata service and reuses it as the Vertex AI service agent, check: {{#ref}} -../gcp-services/gcp-vertex-ai-agent-engine-abuse.md +../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md {{#endref}} ```bash @@ -164,4 +164,3 @@ You can find an example on how to create and OpenID token behalf a service accou {{#include ../../../banners/hacktricks-training.md}} - diff --git a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md index 47ea7fe6f..2ccf5e208 100644 --- a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md +++ b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md @@ -10,10 +10,10 @@ For more information about Vertex AI check: ../gcp-services/gcp-vertex-ai-enum.md {{#endref}} -For **Agent Engine / Reasoning Engine** abuse using the runtime metadata service, the default Vertex AI service agent, and cross-project pivoting into consumer / producer / tenant resources, check: +For **Agent Engine / Reasoning Engine** post-exploitation paths using the runtime metadata service, the default Vertex AI service agent, and cross-project pivoting into consumer / producer / tenant resources, check: {{#ref}} -../gcp-services/gcp-vertex-ai-agent-engine-abuse.md +../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md {{#endref}} ### `aiplatform.customJobs.create`, `iam.serviceAccounts.actAs` diff --git a/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md b/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md index c540dc3ef..c5d33af51 100644 --- a/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md +++ b/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md @@ -14,10 +14,10 @@ ### Agent Engine / Reasoning Engine -For **Agent Engine / Reasoning Engine** specific enumeration and abuse paths involving **metadata credential theft**, **P4SA abuse**, and **producer/tenant project pivoting**, check: +For **Agent Engine / Reasoning Engine** specific enumeration and post-exploitation paths involving **metadata credential theft**, **P4SA abuse**, and **producer/tenant project pivoting**, check: {{#ref}} -gcp-vertex-ai-agent-engine-abuse.md +../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md {{#endref}} ### Key Components @@ -271,6 +271,12 @@ In the following page, you can check how to **abuse Vertex AI permissions to esc ../gcp-privilege-escalation/gcp-vertex-ai-privesc.md {{#endref}} +### Post Exploitation + +{{#ref}} +../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md +{{#endref}} + ## References - [https://cloud.google.com/vertex-ai/docs](https://cloud.google.com/vertex-ai/docs)