Skip to content

Dataflow exploit#12

Open
4ndygu wants to merge 17 commits intodxa4481:masterfrom
4ndygu:dataflow
Open

Dataflow exploit#12
4ndygu wants to merge 17 commits intodxa4481:masterfrom
4ndygu:dataflow

Conversation

@4ndygu
Copy link

@4ndygu 4ndygu commented Dec 10, 2020

More just leaving this here for historical purposes, as it has a dependency on the Compute PR.

This PR takes advantage of the worker_harness_container_image parameter for Dataflow, assuming that a user has the user_runner_v2 parameter open. Because the container image is uncontrolled, a user can push to an arbitrary Docker container which reaches out to the Metadata service and pushes the relevant credentials to an attacker's GCS bucket of choice.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant