From 95f380db6bc71c777dc87e8778e8d68c8f7e7cd7 Mon Sep 17 00:00:00 2001 From: hasshido Date: Wed, 30 Jul 2025 21:13:32 +0200 Subject: [PATCH] Update gcp-cloudbuild-privesc.md removing cloudbuild.builds.update ### `cloudbuild.builds.update` Currently this permission is listed to **only** be able to be used to use the api method `builds.cancel()` which cannot be abused to change the parameters of an ongoing build References: - https://cloud.google.com/build/docs/iam-roles-permissions#permissions - https://cloud.google.com/build/docs/api/reference/rest/v1/projects.builds/cancel --- .../gcp-privilege-escalation/gcp-cloudbuild-privesc.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.md b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.md index 5557616d1..b2d8f5443 100644 --- a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.md +++ b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.md @@ -37,11 +37,6 @@ You can find the original exploit script [**here on GitHub**](https://github.com For a more in-depth explanation, visit [https://rhinosecuritylabs.com/gcp/iam-privilege-escalation-gcp-cloudbuild/](https://rhinosecuritylabs.com/gcp/iam-privilege-escalation-gcp-cloudbuild/) -### `cloudbuild.builds.update` - -**Potentially** with this permission you will be able to **update a cloud build and just steal the service account token** like it was performed with the previous permission (but unfortunately at the time of this writing I couldn't find any way to call that API). - -TODO ### `cloudbuild.repositories.accessReadToken`
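Review bot: in the `@@ -37,11 +37,6 @@` hunk, deleting the whole `### cloudbuild.builds.update` section leaves the page with no record that this permission was evaluated. The reasoning (the permission is currently listed as usable only for `builds.cancel()`, which cannot change the parameters of an ongoing build) would then exist only in the commit message. Consider keeping the heading and replacing the "**Potentially** ..." paragraph and the `TODO` line with one sentence stating that finding, plus the two reference links from the commit message, so readers who hold this permission do not repeat the investigation. Because the commit message qualifies the finding with "Currently", the in-page note should also say when the permission list was checked.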