Gain Entry to GCP via GitLab Commit
See how leaked credentials in a public git repository can give threat actors a route into a cloud environment
Overview
We have created this beginner-friendly lab to showcase how accidental commits to public git repositories can give threat actors a foothold in a GCP environment. It introduces GCP services and lateral movement between them, and builds awareness of how this scenario could have been prevented.
Scenario
On an external engagement for our new client, the global company Gigantic Retail, your team has identified a public GitLab repository. Can you check it out, and look for a way into their cloud environment?
Lab prerequisites
Learning outcomes
- Reveal secrets in GitLab commits
- Enumerate and graphically visualize IAM permissions
- Identify other cloud services in the GCP project
- Access secrets from Secret Manager
- Enumerate and exfiltrate data from a MySQL database
- Understand how this could have been prevented
Real-world context
Leaked credentials in public git repositories are unfortunately a very common issue. Even if secrets are exposed for only a matter of hours or even minutes, this can result in a breach, as threat actors are continuously scanning these repositories for leaks. Once in an on-premises or cloud environment, it's important to gain situational awareness and an understanding of the environment before attempting to move laterally and vertically within it.
Pwned Labs:
Your cloud security training ground
Experience real-world, byte-sized cloud security labs for training cyber warriors. From beginners to pros, our engaging platform allows you to secure your defenses, ignite your career and stay ahead of threats.