YoVDO

Lateral Movement and Privilege Escalation in GCP - Compromise Organizations without Dropping an Implant

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cloud Security Courses Privilege Escalation Courses Lateral Movement Courses

Course Description

Overview

Explore techniques for lateral movement and privilege escalation in Google Cloud Platform without implant deployment in this 41-minute Black Hat conference talk. Dive into GCP's unique security model, contrasting it with AWS, and learn how default administrative capabilities in services like Spark jobs, Cloud Functions, and Jupyter Notebooks can be exploited. Understand the critical 'actAs' permission and its role in assuming service account identities across projects. Witness demonstrations of identity compromise, privilege escalation, and widespread project compromise techniques specific to Google Cloud. Gain insights into the IAM workflows, primitive roles, and limitations of IAM Analyzer. Access tools for exploitation and comprehensive presentation materials to enhance your understanding of GCP security vulnerabilities and mitigation strategies.

Syllabus

Intro
GCP vs AWS IAM
IAM Workflows
Graphs
Primitive Roles
Demo
Dataproc API
IAM Analyzer
Limitations
Outro


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube