Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Google GCP Metadata Service Check

By kannthu

Critical
Vidoc logoVidoc Module
#exposure#config#google#gcp#proxy
Description
Author: sullo Classification CWE-ID: CWE-441 CVSS-Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N CVSS-Score: 9.3 The Google cloud (GCP) host is configured as a proxy which allows access to the instance metadata service. This could allow significant access to the host/infrastructure. Reference - https://cloud.google.com/compute/docs/metadata/default-metadata-values - https://blog.projectdiscovery.io/abusing-reverse-proxies-metadata/ - https://www.mcafee.com/blogs/enterprise/cloud-security/how-an-attacker-could-use-instance-metadata-to-breach-your-app-in-aws/ Remediation Disable the proxy or restrict configuration to only allow access to approved hosts/ports. Upgrade to IMDSv2 if possible.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
word: attributes/
Passive global matcher
No matching conditions.
On match action
Report vulnerability