Lateral Movement and Privilege Escalation in GCP - Compromise Organizations without Dropping an Implant

Explore techniques for lateral movement and privilege escalation in Google Cloud Platform without implant deployment in this 41-minute Black Hat conference talk. Dive into GCP's unique security model, contrasting it with AWS, and learn how default administrative capabilities in services like Spark jobs, Cloud Functions, and Jupyter Notebooks can be exploited. Understand the critical 'actAs' permission and its role in assuming service account identities across projects. Witness demonstrations of identity compromise, privilege escalation, and widespread project compromise techniques specific to Google Cloud. Gain insights into the IAM workflows, primitive roles, and limitations of IAM Analyzer. Access tools for exploitation and comprehensive presentation materials to enhance your understanding of GCP security vulnerabilities and mitigation strategies.

Intro
GCP vs AWS IAM
IAM Workflows
Graphs
Primitive Roles
Demo
Dataproc API
IAM Analyzer
Limitations
Outro