Dan Goodman

I can try to get more info next time I get to my computer. There was no org, I was testing this from a new gcp project with all of...

I also have been getting this warning when using the `actas` exploit: ```~~~~~~~~~~ Deploying function (may take a while - up to 2 minutes)... WARNING: Setting IAM policy failed, try...

Other than that warning im not getting the loop anymore after deleting the `db` folder, weird.

If maybe I could suggest a feature, a way to export the service account tokens? So one could do other stuff with them rather than just what is built in...

Ah ok, another major bug. It seems like the dataproc worked the first time, but when I went to run commands afterward it kept just running the dataproc exploit again:...

Yeah it seems to do that —member automatically from my testing On Tue, Aug 11, 2020 at 6:07 PM Dylan Ayrey wrote: > Okay so a few things --member=allUsers fails...

Yeah that’s exactly what I’ve been doing, I make a SA key immediately with the token. On Tue, Aug 11, 2020 at 8:26 PM Dylan Ayrey wrote: > Oh, and...

Yeah that sounds pretty good! On Tue, Aug 11, 2020 at 8:30 PM Dylan Ayrey wrote: > Yeah so a hacky thing the code does right now is: > >...

Yeah, there are also a bunch of other priv. esc. techniques that can also be used for lateral movement. Check this list of them: https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/ I've tested using their scripts...

Getting this in would be sublime, would love official fastify support!