# GCP - Source Repositories Enum

{% hint style="success" %}
Learn & practice AWS Hacking: [**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\
Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)

Support HackTricks

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) GitHub repos.
{% endhint %}

## Basic Information

Google Cloud Source Repositories is a fully-featured, scalable, **private Git repository service**. It's designed to **host your source code in a fully managed environment**, integrating seamlessly with other GCP tools and services. It offers a collaborative and secure place for teams to store, manage, and track their code.

Key features of Cloud Source Repositories include:

1. **Fully Managed Git Hosting**: Offers the familiar functionality of Git, meaning you can use regular Git commands and workflows.
2. **Integration with GCP Services**: Integrates with other GCP services like Cloud Build, Pub/Sub, and App Engine for end-to-end traceability from code to deployment.
3. **Private Repositories**: Ensures your code is stored securely and privately. You can control access using Cloud Identity and Access Management (IAM) roles.
4. **Source Code Analysis**: Works with other GCP tools to provide automated analysis of your source code, identifying potential issues like bugs, vulnerabilities, or bad coding practices.
5. **Collaboration Tools**: Supports collaborative coding with tools like merge requests, comments, and reviews.
6. **Mirror Support**: Allows you to connect Cloud Source Repositories with repositories hosted on GitHub or Bitbucket, enabling automatic synchronization and providing a unified view of all your repositories.

### OffSec information

* The source repositories configuration inside a project will have a **Service Account** used to publish Cloud Pub/Sub messages. The default one used is the **Compute SA**. However, **I don't think it's possible to steal its token** from Source Repositories as it's being executed in the background.
* To see the code inside the GCP Cloud Source Repositories web console ([https://source.cloud.google.com/](https://source.cloud.google.com/)), you need the code to be **inside the master branch by default**.
* You can also **create a mirror Cloud Repository** pointing to a repo from **GitHub** or **Bitbucket** (giving access to those platforms).
* It's possible to **code & debug from inside GCP**.
* By default, Source Repositories **prevents private keys from being pushed in commits**, but this can be disabled.

### Open In Cloud Shell

It's possible to open the repository in Cloud Shell; a prompt like this one will appear:

This will allow you to code and debug in Cloud Shell (which could get Cloud Shell compromised).

### Enumeration

{% code overflow="wrap" %}
```bash
# Repos enumeration
gcloud source repos list # Get names and URLs
gcloud source repos describe <REPO_NAME>
gcloud source repos get-iam-policy <REPO_NAME>

# Clone a repo with gcloud
gcloud source repos clone <REPO_NAME>
gcloud source repos get-iam-policy <REPO_NAME>
# ... git add & git commit -m ...
git push --set-upstream origin master
git push -u origin master # short form of the previous command

# Access via git
## To add an SSH key go to https://source.cloud.google.com/user/ssh_keys (no gcloud command)
git clone ssh://username@domain.com@source.developers.google.com:2022/p/<PROJECT_ID>/r/<REPO_NAME>
# git add, commit, push...
```
{% endcode %}

### Privilege Escalation & Post Exploitation

{% content-ref url="../gcp-privilege-escalation/gcp-sourcerepos-privesc.md" %}
[gcp-sourcerepos-privesc.md](../gcp-privilege-escalation/gcp-sourcerepos-privesc.md)
{% endcontent-ref %}

### Unauthenticated Enum

{% content-ref url="../gcp-unauthenticated-enum-and-access/gcp-source-repositories-unauthenticated-enum.md" %}
[gcp-source-repositories-unauthenticated-enum.md](../gcp-unauthenticated-enum-and-access/gcp-source-repositories-unauthenticated-enum.md)
{% endcontent-ref %}
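
The IAM, Pub/Sub service account and mirror points from this page can be reviewed from the defender's side by auditing what the enumeration commands return. The following is an added example, not part of the original page or of any Google tooling: `audit_repo` is a hypothetical helper, the sample JSON is constructed, and the field names (`pubsubConfigs`, `serviceAccountEmail`, `mirrorConfig`) are assumptions about the `--format=json` output of `gcloud source repos describe` and `get-iam-policy`.

```python
import json
import re

# Assumption: inputs are the JSON printed by
#   gcloud source repos describe <REPO_NAME> --format=json
#   gcloud source repos get-iam-policy <REPO_NAME> --format=json
PUBLIC = {"allUsers", "allAuthenticatedUsers"}
PUSH_ROLES = {"roles/source.writer", "roles/source.admin", "roles/editor", "roles/owner"}
DEFAULT_COMPUTE_SA = re.compile(r"^\d+-compute@developer\.gserviceaccount\.com$")


def audit_repo(describe_json, policy_json):
    """Return sorted findings for one repository (hypothetical helper)."""
    repo, policy = json.loads(describe_json), json.loads(policy_json)
    findings = set()
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            if member in PUBLIC:  # granted to anyone, not to named identities
                findings.add(f"PUBLIC {member} has {role}")
            elif member.startswith("domain:") and role in PUSH_ROLES:
                findings.add(f"BROAD-PUSH {member} has {role}")
    # Assumed field names: pubsubConfigs is a map keyed by topic name.
    for cfg in (repo.get("pubsubConfigs") or {}).values():
        sa = cfg.get("serviceAccountEmail", "")
        if DEFAULT_COMPUTE_SA.match(sa):
            findings.add(f"DEFAULT-SA {sa} publishes to {cfg.get('topic')}")
    mirror = (repo.get("mirrorConfig") or {}).get("url")
    if mirror:  # code is synced in from an external GitHub/Bitbucket repo
        findings.add(f"MIRROR of {mirror}")
    return sorted(findings)


# Constructed sample data, not taken from a real project.
TOPIC = "projects/example-project/topics/repo-events"
SAMPLE_DESCRIBE = json.dumps({
    "name": "projects/example-project/repos/example-repo",
    "mirrorConfig": {"url": "https://github.com/example-org/example-repo.git"},
    "pubsubConfigs": {TOPIC: {
        "topic": TOPIC, "messageFormat": "JSON",
        "serviceAccountEmail": "123456789012-compute@developer.gserviceaccount.com"}},
})
SAMPLE_POLICY = json.dumps({"bindings": [
    {"role": "roles/source.reader", "members": ["allAuthenticatedUsers"]},
    {"role": "roles/source.writer",
     "members": ["domain:example.com", "user:dev@example.com"]},
]})

if __name__ == "__main__":
    print("\n".join(audit_repo(SAMPLE_DESCRIBE, SAMPLE_POLICY)))
```

Each finding is a prompt for review rather than a verdict: a mirror or the default Compute SA may be intended, but both widen what has to be trusted around the repository.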