GCP - ClientAuthConfig Privesc

支持 HackTricks

创建 OAuth 品牌和客户端

根据文档,这些是所需的权限:

  • clientauthconfig.brands.list

  • clientauthconfig.brands.create

  • clientauthconfig.brands.get

  • clientauthconfig.clients.create

  • clientauthconfig.clients.listWithSecrets

  • clientauthconfig.clients.getWithSecret

  • clientauthconfig.clients.delete

  • clientauthconfig.clients.update

# Create a brand
gcloud iap oauth-brands list
gcloud iap oauth-brands create --application_title=APPLICATION_TITLE --support_email=SUPPORT_EMAIL
# Create a client of the brand
gcloud iap oauth-clients create projects/PROJECT_NUMBER/brands/BRAND-ID --display_name=NAME
支持 HackTricks

Last updated