Links

DO - Functions

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

Basic Information

DigitalOcean Functions, also known as "DO Functions," is a serverless computing platform that lets you run code without having to worry about the underlying infrastructure. With DO Functions, you can write and deploy your code as "functions" that can be triggered via API, HTTP requests (if enabled) or cron. These functions are executed in a fully managed environment, so you don't need to worry about scaling, security, or maintenance.
In DO, to create a function first you need to create a namespace which will be grouping functions. Inside the namespace you can then create a function.

Triggers

The way to trigger a function via REST API (always enabled, it's the method the cli uses) is by triggering a request with an authentication token like:
curl -X POST "https://faas-lon1-129376a7.doserverless.co/api/v1/namespaces/fn-c100c012-65bf-4040-1230-2183764b7c23/actions/functionname?blocking=true&result=true" \
-H "Content-Type: application/json" \
-H "Authorization: Basic MGU0NTczZGQtNjNiYS00MjZlLWI2YjctODk0N2MyYTA2NGQ4OkhwVEllQ2t4djNZN2x6YjJiRmFGc1FERXBySVlWa1lEbUxtRE1aRTludXA1UUNlU2VpV0ZGNjNqWnVhYVdrTFg="
To see how is the doctl cli tool getting this token (so you can replicate it), the following command shows the complete network trace:
doctl serverless connect --trace
When HTTP trigger is enabled, a web function can be invoked through these HTTP methods GET, POST, PUT, PATCH, DELETE, HEAD and OPTIONS.
In DO functions, environment variables cannot be encrypted (at the time of this writing). I couldn't find any way to read them from the CLI but from the console it's straight forward.
Functions URLs look like this: https://<random>.doserverless.co/api/v1/web/<namespace-id>/default/<function-name>

Enumeration

# Namespace
doctl serverless namespaces list
# Functions (need to connect to a namespace)
doctl serverless connect
doctl serverless functions list
doctl serverless functions invoke <func-name>
doctl serverless functions get <func-name>
# Logs of executions
doctl serverless activations list
doctl serverless activations get <activation-id> # Get all the info about execution
doctl serverless activations logs <activation-id> # get only the logs of execution
doctl serverless activations result <activation-id> # get only the response result of execution
# I couldn't find any way to get the env variables form the CLI
There isn't metadata endpoint from the Functions sandbox.
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: