gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-12 15:50:19 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update gcp-cloudbuild-privesc.md removing cloudbuild.builds.update

Browse Source 
### `cloudbuild.builds.update`

Currently this permission is listed to **only** be able to be used to use the api method `builds.cancel()` which cannot be abused to change the parameters of an ongoing build

References:
- https://cloud.google.com/build/docs/iam-roles-permissions#permissions
- https://cloud.google.com/build/docs/api/reference/rest/v1/projects.builds/cancel
This commit is contained in:
hasshido
2025-07-30 21:13:32 +02:00
committed by GitHub
parent 65da889db0
commit 95f380db6b
1 changed files with 0 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.md
View File

@@ -37,11 +37,6 @@ You can find the original exploit script [**here on GitHub**](https://github.com
For a more in-depth explanation, visit [https://rhinosecuritylabs.com/gcp/iam-privilege-escalation-gcp-cloudbuild/](https://rhinosecuritylabs.com/gcp/iam-privilege-escalation-gcp-cloudbuild/)
### `cloudbuild.builds.update`
**Potentially** with this permission you will be able to **update a cloud build and just steal the service account token** like it was performed with the previous permission (but unfortunately at the time of this writing I couldn't find any way to call that API).
TODO
### `cloudbuild.repositories.accessReadToken`