translate everything

src/pentesting-cloud/workspace-security/README.md

@@ -71,3 +71,7 @@ gws-persistence.md
 - [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
 
 {{#include ../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-google-platforms-phishing/README.md

@@ -163,3 +163,7 @@ It's possible to do something using gcloud instead of the web console, check:
 - [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
 
 {{#include ../../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.md

@@ -233,3 +233,7 @@ Moreover, if someone **shared** with you a document with **editor access**, you
 > To abuse this you also need people to trigger the App Script. And one neat trick if to **publish the script as a web app**. When the **people** that already granted **access** to the App Script access the web page, they will **trigger the App Script** (this also works using `<img>` tags).
 
 {{#include ../../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-persistence.md

@@ -180,3 +180,7 @@ gws-google-platforms-phishing/gws-app-scripts.md
 - [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
 
 {{#include ../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-post-exploitation.md

@@ -72,3 +72,7 @@ You can also find emails by searching through all the user's invoices in [**http
 - [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
 
 {{#include ../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/README.md

@@ -56,3 +56,7 @@ gws-admin-directory-sync.md
 {{#endref}}
 
 {{#include ../../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcds-google-cloud-directory-sync.md

@@ -338,3 +338,7 @@ curl -X POST \
 > It's not possible to give the new user the Super Amin role because the **refresh token doesn't have enough scopes** to give the required privileges.
 
 {{#include ../../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.md

@@ -938,3 +938,7 @@ It's possible to find the key components of this in the Chromium source code:
 - [https://issues.chromium.org/issues/40063291](https://issues.chromium.org/issues/40063291)
 
 {{#include ../../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.md

@@ -190,3 +190,7 @@ Which is the same one you get if you don't indicate any scope.
 > With this scope you could **modify the password of a existing user to escalate privileges**.
 
 {{#include ../../../banners/hacktricks-training.md}}
+
+
+
+

src/pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gws-admin-directory-sync.md

@@ -55,3 +55,7 @@ Note that Workspace require credentials with read only access over AD or EntraID
 I also don't know where does Google store the AD credentials or EntraID token and you **can't recover them re-configuring the synchronizarion** (they don't appear in the web form, you need to give them again). However, from the web it might be possible to abuse the current functionality to **list users and groups**.
 
 {{#include ../../../banners/hacktricks-training.md}}
+
+
+
+