- Published on
The challenge provides JSON credentials that can be used to authenticate and enumerate IAM Policies. The service account has policies that enable them to enumerate Storage Managers and Cloud Functions. After retrieving a a partial source code of a certain Cloud function, it was discovered that it was possible to invoke a limited access internal function by using an external function as a proxy. Thus, exfiltrating the flag