GCPGoat (ine) GCP CTF solution Module 1 - Path 1 (abusing storage bucket permissions, privesc to role/owner)
Hi readers, here we will be solving GCPGoat Module 1 (Path 1).
We will be going through the first path in this walk-through as shown in the diagram below.
Video Walk-through:
https://www.youtube.com/watch?v=cM46_c-zxh4
Solving Challenge-
- Finding storage buckets being used by web app-
a. In the previous path (https://www.youtube.com/watch?v=dtLg4Z8bHNk&t=498s), we found a GCP storage bucket in the "save image from URL" functionality-
https://storage.googleapis.com/function-bucket-747e0118981a6000/images/20221230150416627191.png
Bucket Name: function-bucket-747e0118981a6000
b. Upon checking Burp's Target site map, we found one more storage bucket-