- Published on
The challenge is a webapp that has a Command Injection & SSRF vulnerability, the goal is to chain the vulnerabilities to enumerate the GCP Compute instance and retrieve the Service Account Email ID
Ssrf
All Posts
- machine (13)
- windows (11)
- active-directory (11)
- cyberwarfarelabs (7)
- cloud (7)
- genericall (4)
- gcp (3)
- esc1 (3)
- azure (2)
- command-injection (2)
ssrf (2)
- awscli (2)
- aws (2)
- linux (2)
- genericwrite (2)
- pass-back-attack (2)
- s4u2self (2)
- s4u2proxy (2)
- mssql (2)
- writeowner (2)
- shadow-credentials (2)
- pwn (1)
- malloc (1)
- pwnablexyz (1)
- gcloud-cli (1)
- lambda (1)
- testiampermissions (1)
- ms-graph (1)
- sqlpad (1)
- docker-jail (1)
- port-forwarding (1)
- chrome-pentest (1)
- froxlor (1)
- daloradius (1)
- mosh-server (1)
- forcechangepassword (1)
- pwsafe2john (1)
- dcsync (1)
- ansible2john (1)
- pwm (1)
- certificate-service-dcom-access (1)
- ldap-shell (1)
- schannel (1)
- rid-brute (1)
- sebackupprivilege (1)
- ntlm-relay (1)
- esc4 (1)
- time-skew (1)
- esc16 (1)
- dpapi-credentials (1)
- server-operators (1)
- reverse-engineering (1)
- rbcd (1)
- laps (1)
- pfx2john (1)
- ssl (1)
- readlapspassword (1)
- tombstone (1)
- readgmsapassword (1)
- writespn (1)
- kerberoast (1)
- addself (1)
- esc15 (1)
- Published on
The challenge is a webapp that has a SSRF vulnerability, the goal of the challenge is to exploit the vulnerability to steal sensitive EC2 metadata, then use the IAM credentials to make an authenticated API call and retrive the Instance ID which is the flag