Google's Cloud Shell has an undocumented v2 API which supports establishing TCP connections to arbitrary TCP IP:port destinations. From security point of view, this is an attack vector, so I built a client tool to play with this feature. (I did not manage to establish connections to anything sensitive, e.g. internal IP addresses or the metadata server.)
-
Notifications
You must be signed in to change notification settings - Fork 0
irsl/cloud-shell-ssrf
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
Google Cloud Shell SSRF feature PoC tool
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published