/gcp_enum.sh
Last active Oct 1, 2019
use the gcloud utilities to enumerate as much access as possible from a GCP service account json file. see blog post: <to insert>
| # gcloud auth activate-service-account --key-file=85.json | |
| # gcloud projects list | |
| project="my-projet" | |
| space="" | |
| echo "gcloud auth list" | |
| gcloud auth list | |
| echo -e "$space" | |
| echo "[+] Enumerate project info [+]" | |
| echo "gcloud projects list" | |
| gcloud projects list | |
| echo -e "$space" | |
| echo "gcloud projects get-iam-policy $project" | |
| gcloud projects get-iam-policy $project | |
| echo -e "$space" | |
| echo "[+] List services accounts for the project [+]" | |
| echo "gcloud iam service-accounts list --project=$project" | |
| gcloud iam service-accounts list --project=$project | |
| echo -e "$space" | |
| echo "[+] List services for the project [+]" | |
| echo "gcloud services list --project=$project" | |
| gcloud services list --project=$project | |
| echo -e "$space" | |
| echo "[+] App access [+]" | |
| echo "gcloud app instances list --project=$project" | |
| gcloud app instances list --project=$project | |
| echo -e "$space" | |
| echo "gcloud app services list --project=$project" | |
| gcloud app services list --project=$project | |
| echo -e "$space" | |
| echo "gcloud app domain-mappings list --project=$project" | |
| gcloud app domain-mappings list --project=$project | |
| echo -e "$space" | |
| echo "gcloud app firewall-rules list --project=$project" | |
| gcloud app firewall-rules list --project=$project | |
| echo -e "$space" | |
| echo "gcloud app operations list --project=$project" | |
| gcloud app operations list --project=$project | |
| echo -e "$space" | |
| echo "[+] Bigquery access [+]" | |
| echo "bq ls --format=prettyjson --project_id $project" | |
| bq ls --format=prettyjson --project_id $project | |
| echo -e "$space" | |
| echo "[+] Bigtable access [+]" | |
| echo "gcloud bigtable clusters list --project=$project" | |
| gcloud bigtable clusters list --project=$project | |
| echo -e "$space" | |
| echo "gcloud bigtable instances list --project=$project" | |
| gcloud bigtable instances list --project=$project | |
| echo -e "$space" | |
| echo "[+] Builds access [+]" | |
| echo "gcloud builds list --project=$project" | |
| gcloud builds list --project=$project | |
| echo -e "$space" | |
| echo "[+] Compute access [+]" | |
| echo "gcloud compute instances list --filter=RUNNING --project=$project" | |
| gcloud compute instances list --filter=RUNNING --project=$project | |
| echo -e "$space" | |
| echo "gcloud compute images list --project=$project" | |
| gcloud compute images list --project=$project | |
| echo -e "$space" | |
| echo "gcloud compute firewall-rules list --project=$project" | |
| gcloud compute firewall-rules list --project=$project | |
| echo -e "$space" | |
| echo "[+] Container access [+]" | |
| echo "gcloud container images list --project=$project" | |
| gcloud container images list --project=$project | |
| echo -e "$space" | |
| echo "gcloud container clusters list --project=$project" | |
| gcloud container clusters list --project=$project | |
| echo -e "$space" | |
| echo "[+] Dataflow access [+]" | |
| echo "gcloud dataflow jobs list --project=$project" | |
| gcloud dataflow jobs list --project=$project | |
| echo -e "$space" | |
| echo "[+] Dataproc access [+]" | |
| echo "gcloud dataproc clusters list --project=$project" | |
| gcloud dataproc clusters list --project=$project | |
| echo -e "$space" | |
| echo "gcloud dataproc jobs list --project=$project" | |
| gcloud dataproc jobs list --project=$project | |
| echo -e "$space" | |
| echo "[+] Datastore access [+]" | |
| echo "gcloud datastore indexes list --project=$project" | |
| gcloud datastore indexes list --project=$project | |
| echo -e "$space" | |
| echo "[+] Debug access [+]" | |
| echo "gcloud debug targets list --project=$project" | |
| gcloud debug targets list --project=$project | |
| echo -e "$space" | |
| echo "gcloud debug snapshots list --project=$project" | |
| gcloud debug snapshots list --project=$project | |
| echo -e "$space" | |
| echo "[+] Deployment-Manager access [+]" | |
| echo "gcloud deployment-manager deployments list --project=$project" | |
| gcloud deployment-manager deployments list --project=$project | |
| echo -e "$space" | |
| echo "[+] DNS access [+]" | |
| echo "gcloud dns managed-zones list --project=$project" | |
| gcloud dns managed-zones list --project=$project | |
| echo -e "$space" | |
| echo "gcloud dns project-info describe $project" | |
| gcloud dns project-info describe $project | |
| echo -e "$space" | |
| echo "[+] Domains access [+]" | |
| echo "gcloud domains list-user-verified --project=$project" | |
| gcloud domains list-user-verified --project=$project | |
| echo -e "$space" | |
| echo "[+] Endpoints access [+]" | |
| echo "gcloud endpoints services list --project=$project" | |
| gcloud endpoints services list --project=$project | |
| echo -e "$space" | |
| echo "[+] Functions access [+]" | |
| echo "gcloud functions list --project=$project" | |
| gcloud functions list --project=$project | |
| echo -e "$space" | |
| echo "[+] IOT access [+]" | |
| echo "gcloud iot registries list --project=$project --region=us-central1" | |
| gcloud iot registries list --project=$project --region=us-central1 | |
| echo "gcloud iot registries list --project=$project --region=europe-west1" | |
| gcloud iot registries list --project=$project --region=europe-west1 | |
| echo "gcloud iot registries list --project=$project --region=asia-east1" | |
| gcloud iot registries list --project=$project --region=asia-east1 | |
| echo -e "$space" | |
| echo "[+] KMS access [+]" | |
| echo "gcloud kms keyrings list --project=$project --location=global" | |
| gcloud kms keyrings list --project=$project --location=global | |
| echo "gcloud kms keyrings list --project=$project --location=us" | |
| gcloud kms keyrings list --project=$project --location=us | |
| echo -e "$space" | |
| echo "[+] Logging access [+]" | |
| echo "gcloud logging logs list --project=$project" | |
| gcloud logging logs list --project=$project | |
| echo -e "$space" | |
| echo "[+] ML access [+]" | |
| echo "gcloud ml-engine jobs list --project=$project" | |
| gcloud ml-engine jobs list --limit=100 --project=$project | |
| echo -e "$space" | |
| echo "[+] Organizations access [+]" | |
| echo "gcloud organizations list --project=$project" | |
| gcloud organizations list --project=$project | |
| echo -e "$space" | |
| echo "[+] PubSub access [+]" | |
| echo "gcloud pubsub subscriptions list --project=$project" | |
| gcloud pubsub subscriptions list --project=$project | |
| echo "gcloud pubsub topics list --project=$project" | |
| gcloud pubsub topics list --project=$project | |
| echo -e "$space" | |
| echo "[+] Redis access [+]" | |
| echo "gcloud redis instances list --region=asia-east1 --project=$project" | |
| gcloud redis instances list --region=asia-east1 --project=$project | |
| echo "gcloud redis instances list --region=asia-northeast1 --project=$project" | |
| gcloud redis instances list --region=asia-northeast1 --project=$project | |
| echo "cloud redis instances list --region=asia-southeast1 --project=$project" | |
| gcloud redis instances list --region=asia-southeast1 --project=$project | |
| echo "gcloud redis instances list --region=australia-southeast1 --project=$project" | |
| gcloud redis instances list --region=australia-southeast1 --project=$project | |
| echo "gcloud redis instances list --region=europe-north1 --project=$project" | |
| gcloud redis instances list --region=europe-north1 --project=$project | |
| echo "gcloud redis instances list --region=europe-west1 --project=$project" | |
| gcloud redis instances list --region=europe-west1 --project=$project | |
| echo "gcloud redis instances list --region=europe-west2 --project=$project" | |
| gcloud redis instances list --region=europe-west2 --project=$project | |
| echo "gcloud redis instances list --region=europe-west3 --project=$project" | |
| gcloud redis instances list --region=europe-west3 --project=$project | |
| echo "gcloud redis instances list --region=europe-west4 --project=$project" | |
| gcloud redis instances list --region=europe-west4 --project=$project | |
| echo "gcloud redis instances list --region=us-central1 --project=$project" | |
| gcloud redis instances list --region=us-central1 --project=$project | |
| echo "gcloud redis instances list --region=us-east1 --project=$project" | |
| gcloud redis instances list --region=us-east1 --project=$project | |
| echo "gcloud redis instances list --region=us-east4 --project=$project" | |
| gcloud redis instances list --region=us-east4 --project=$project | |
| echo "gcloud redis instances list --region=us-west1 --project=$project" | |
| gcloud redis instances list --region=us-west1 --project=$project | |
| echo "gcloud redis instances list --region=us-west2 --project=$project" | |
| gcloud redis instances list --region=us-west2 --project=$project | |
| echo -e "$space" | |
| echo "[+] Source access [+]" | |
| echo "gcloud source repos list --project=$project" | |
| gcloud source repos list --project=$project | |
| echo -e "$space" | |
| echo "[+] Spanner access [+]" | |
| echo "gcloud spanner instances list --project=$project" | |
| gcloud spanner instances list --project=$project | |
| echo -e "$space" | |
| echo "[+] SQL access [+]" | |
| echo "gcloud sql instances list --project=$project" | |
| gcloud sql instances list --project=$project | |
| echo -e "$space" | |
| echo "[+] Storage access [+]" | |
| echo "gsutil ls -p $project" | |
| gsutil ls -p $project | |
| echo -e "$space" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment