Links

GCP - Secretmanager Privesc

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

secretmanager

For more information about secretmanager:

secretmanager.versions.access

This give you access to read the secrets from the secret manager and maybe this could help to escalate privielegs (depending on which information is sotred inside the secret):
# Get clear-text of version 1 of secret: "<secret name>"
gcloud secrets versions access 1 --secret="<secret_name>"
As this is also a post exploitation technique it can be found in:

secretmanager.secrets.setIamPolicy

This give you access to give you access to read the secrets from the secret manager.
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: