mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-01-03 00:09:59 -08:00
Translated ['src/pentesting-cloud/azure-security/az-privilege-escalation
@@ -1,37 +1,38 @@
|
||||
# GCP - Bronrepositories Enum
|
||||
# GCP - Source Repositories Enum
|
||||
|
||||
{{#include ../../../banners/hacktricks-training.md}}
|
||||
|
||||
## Basiese Inligting <a href="#reviewing-cloud-git-repositories" id="reviewing-cloud-git-repositories"></a>
|
||||
## Basic Information <a href="#reviewing-cloud-git-repositories" id="reviewing-cloud-git-repositories"></a>
|
||||
|
||||
Google Cloud Source Repositories is 'n volledig funksionele, skaalbare, **privaat Git-repositorydiens**. Dit is ontwerp om **jou bronnekode in 'n volledig bestuurde omgewing te huisves**, wat naatloos integreer met ander GCP-gereedskap en -dienste. Dit bied 'n samewerkende en veilige plek vir spanne om hul kode te stoor, te bestuur en te volg.
|
||||
Google Cloud Source Repositories is a fully-featured, scalable, **private Git repository service**. It's designed to **host your source code in a fully managed environment**, integrating seamlessly with other GCP tools and services. It offers a collaborative and secure place for teams to store, manage, and track their code.
|
||||
|
||||
Belangrike kenmerke van Cloud Source Repositories sluit in:
|
||||
Key features of Cloud Source Repositories include:
|
||||
|
||||
1. **Volledig Bestuurde Git Hosting**: Bied die bekende funksionaliteit van Git, wat beteken dat jy gewone Git-opdragte en werkvloei kan gebruik.
|
||||
2. **Integrasie met GCP Dienste**: Integreer met ander GCP-dienste soos Cloud Build, Pub/Sub, en App Engine vir end-to-end opspoorbaarheid van kode tot implementering.
|
||||
3. **Privaat Repositories**: Verseker dat jou kode veilig en privaat gestoor word. Jy kan toegang beheer met behulp van Cloud Identity and Access Management (IAM) rolle.
|
||||
4. **Bronkode Analise**: Werk saam met ander GCP-gereedskap om geoutomatiseerde analise van jou bronnekode te bied, wat potensiële probleme soos foute, kwesbaarhede, of slegte koderingpraktyke identifiseer.
|
||||
5. **Samewerkingsgereedskap**: Ondersteun samewerkende kodering met gereedskap soos samesmeltingsversoeke, kommentaar, en hersienings.
|
||||
6. **Spieëlondersteuning**: Laat jou toe om Cloud Source Repositories met repositories wat op GitHub of Bitbucket gehos is, te verbind, wat outomatiese sinkronisasie moontlik maak en 'n verenigde weergawe van al jou repositories bied.
|
||||
1. **Fully Managed Git Hosting**: Offers the familiar functionality of Git, meaning you can use regular Git commands and workflows.
|
||||
2. **Integration with GCP Services**: Integrates with other GCP services like Cloud Build, Pub/Sub, and App Engine for end-to-end traceability from code to deployment.
|
||||
3. **Private Repositories**: Ensures your code is stored securely and privately. You can control access using Cloud Identity and Access Management (IAM) roles.
|
||||
4. **Source Code Analysis**: Works with other GCP tools to provide automated analysis of your source code, identifying potential issues like bugs, vulnerabilities, or bad coding practices.
|
||||
5. **Collaboration Tools**: Supports collaborative coding with tools like merge requests, comments, and reviews.
|
||||
6. **Mirror Support**: Allows you to connect Cloud Source Repositories with repositories hosted on GitHub or Bitbucket, enabling automatic synchronization and providing a unified view of all your repositories.
|
||||
|
||||
### OffSec inligting <a href="#reviewing-cloud-git-repositories" id="reviewing-cloud-git-repositories"></a>
|
||||
### OffSec information <a href="#reviewing-cloud-git-repositories" id="reviewing-cloud-git-repositories"></a>
|
||||
|
||||
- Die bronrepositories-konfigurasie binne 'n projek sal 'n **Dienrekening** hê wat gebruik word om Cloud Pub/Sub-boodskappe te publiseer. Die standaard een wat gebruik word, is die **Compute SA**. egter, **ek dink nie dit is moontlik om sy token te steel** van Source Repositories nie, aangesien dit in die agtergrond uitgevoer word.
|
||||
- Om die kode binne die GCP Cloud Source Repositories-webkonsol te sien ([https://source.cloud.google.com/](https://source.cloud.google.com/)), moet die kode **binne die hooftak wees per standaard**.
|
||||
- Jy kan ook 'n **spieël Cloud Repository** skep wat na 'n repo van **Github** of **Bitbucket** wys (toegang aan daardie platforms gee).
|
||||
- Dit is moontlik om **kode & debugg te doen van binne GCP**.
|
||||
- Per standaard, **verhoed Source Repositories dat privaat sleutels in verbintenisse gepush word**, maar dit kan gedeaktiveer word.
|
||||
- The source repositories configuration inside a project will have a **Service Account** used to publishing Cloud Pub/Sub messages. The default one used is the **Compute SA**. However, **I don't think it's possible steal its token** from Source Repositories as it's being executed in the background.
|
||||
- To see the code inside the GCP Cloud Source Repositories web console ([https://source.cloud.google.com/](https://source.cloud.google.com/)), you need the code to be **inside master branch by default**.
|
||||
- You can also **create a mirror Cloud Repository** pointing to a repo from **Github** or **Bitbucket** (giving access to those platforms).
|
||||
- It's possible to **code & debug from inside GCP**.
|
||||
- By default, Source Repositories **prevents private keys to be pushed in commits**, but this can be disabled.
|
||||
|
||||
### Open In Cloud Shell
|
||||
|
||||
Dit is moontlik om die repository in Cloud Shell te open, 'n prompt soos hierdie sal verskyn:
|
||||
It's possible to open the repository in Cloud Shell, a prompt like this one will appear:
|
||||
|
||||
<figure><img src="../../../images/image (325).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
Dit sal jou toelaat om te kodeer en te debugg in Cloud Shell (wat cloudshell gecompromitteer kan maak).
|
||||
This will allow you to code and debug in Cloud Shell (which could get cloudshell compromised).
|
||||
|
||||
### Enumeration
|
||||
|
||||
### Enumerasie
|
||||
```bash
|
||||
# Repos enumeration
|
||||
gcloud source repos list #Get names and URLs
|
||||
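Review bot: In the Afrikaans OffSec bullets, Git "commits" is rendered as `verbintenisse` (commitments), so the line about Source Repositories blocking private keys from being pushed no longer reads as a statement about Git commits; keep `commits` untranslated there, as the hunk already does for `Pub/Sub` and `Cloud Build`. In the first bullet of the same list, `Dienrekening` looks like a typo for `Diensrekening`, and the sentence after `Compute SA**.` starts with a lowercase `egter`. Both `## Basiese Inligting` and `### OffSec inligting` also carry the same `id="reviewing-cloud-git-repositories"`, so the second anchor cannot be linked to on its own; give the OffSec heading a distinct id.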
@@ -42,7 +43,7 @@ gcloud source repos get-iam-policy <repo_name>
|
||||
gcloud source repos clone <REPO NAME>
|
||||
gcloud source repos get-iam-policy <REPO NAME>
|
||||
... git add & git commit -m ...
|
||||
git push --set-upstream origin master
|
||||
git push --set-upstream origin $BRANCH
|
||||
git push -u origin master
|
||||
|
||||
# Access via git
|
||||
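Review bot: The push lines in this hunk disagree on the branch: `git push --set-upstream origin $BRANCH` relies on a variable that nothing in the visible snippet sets, while `git push --set-upstream origin master` is the same command as the `git push -u origin master` that follows it. Keep a single push line and, if the branch is meant to be parameterised, use the angle-bracket placeholder style of the surrounding commands (for example `<branch>`) rather than an unset shell variable. The placeholder `<REPO NAME>` also contains a space and differs from `<repo_name>` in the hunk header context, so pick one spelling.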
@@ -50,16 +51,20 @@ git push -u origin master
|
||||
git clone ssh://username@domain.com@source.developers.google.com:2022/p/<proj-name>/r/<repo-name>
|
||||
git add, commit, push...
|
||||
```
|
||||
|
||||
### Privilege Escalation & Post Exploitation
|
||||
|
||||
{{#ref}}
|
||||
../gcp-privilege-escalation/gcp-sourcerepos-privesc.md
|
||||
{{#endref}}
|
||||
|
||||
### Ongeauthentiseerde Enum
|
||||
### Unauthenticated Enum
|
||||
|
||||
{{#ref}}
|
||||
../gcp-unauthenticated-enum-and-access/gcp-source-repositories-unauthenticated-enum.md
|
||||
{{#endref}}
|
||||
|
||||
{{#include ../../../banners/hacktricks-training.md}}
|
||||
|
||||
|
||||
|
||||
|
||||
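Review bot: Heading language is inconsistent in this hunk: `### Privilege Escalation & Post Exploitation` appears only in English, while the next section has both `### Ongeauthentiseerde Enum` and `### Unauthenticated Enum`; translate both headings or neither so the page reads in one language. The hunk header also grows this region from 16 to 20 lines, and the rows after the closing `{{#include ../../../banners/hacktricks-training.md}}` are empty, so this looks like trailing blank lines at end of file that should be dropped.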