GCPgoat Scenarios

n00🔑
Oct 26, 2022

https://gcpgoat.joshuajebaraj.com/

Scenario-1 Attacking Compute Engine

1. Deployment

./create-scenario-1.sh

Web Server: 35.194.173.109

2. Enumerating the web server and finding the SSRF

a. This web app loads websites and shows their HTTP responses.

b. Intercept the HTTP traffic in Burp proxy and submit a Collaborator domain as the URL. We got an HTTP interaction from IP 35.194.173.109, validating the SSRF.

3. Exploiting the SSRF

Header: Metadata-Flavor: Google

Note: the "Metadata-Flavor: Google" HTTP header is required on the SSRF request in GCP; the metadata server rejects requests to the v1 endpoint that do not carry it.

URL: http://169.254.169.254/computeMetadata/v1/?recursive=true&alt=text
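The defender's side of this step, as an added example that is not part of the original post or of GCPGoat: a destination check a URL-fetching app can run before making the request, so that link-local targets such as the metadata address are refused. The function names and the SAMPLE_DNS table are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Constructed sample records so the example runs offline (not real lookups).
SAMPLE_DNS = {
    "metadata.google.internal": ["169.254.169.254"],
    "example.test": ["93.184.216.34"],
}

def sample_resolver(host, port):
    """Hypothetical offline resolver: IP literals pass through, names use SAMPLE_DNS."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass
    if host not in SAMPLE_DNS:
        raise OSError("unknown host")
    return SAMPLE_DNS[host]

def system_resolver(host, port):
    """Real lookup: every address the name resolves to."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def check_fetch_target(url, resolver=system_resolver):
    """Return (allowed, reason, addresses) for a user-supplied URL.

    The caller should connect to one of the returned addresses instead of
    resolving the name a second time, and re-run the check on each redirect.
    """
    try:
        parts = urlsplit(url)
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "malformed URL", []
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", []
    if not parts.hostname:
        return False, "no host", []
    try:
        addresses = resolver(parts.hostname, port)
    except OSError:
        return False, "host does not resolve", []
    for addr in addresses:
        # is_global is False for link-local, loopback and private ranges.
        if not ipaddress.ip_address(addr.split("%")[0]).is_global:
            return False, f"{addr} is not a public address", addresses
    return bool(addresses), "ok" if addresses else "no addresses", addresses
```

The check resolves the name and tests the resulting addresses because matching the URL string alone misses hostnames that point at 169.254.169.254.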
