Avec le code suivant pris ici, vous pouvez trouver des services Cloud Run qui permettent des invocations non authentifiées.
#!/bin/bash############################# Run this tool to find Cloud Run services that permit unauthenticated# invocations anywhere in your GCP organization.# Enjoy!############################for proj in$(gcloudprojectslist--format="get(projectId)"); doecho"[*] scraping project $proj"enabled=$(gcloudserviceslist--project "$proj" |grep "Cloud Run API")if [ -z"$enabled" ]; thencontinuefifor run in$(gcloudrunserviceslist--platformmanaged--quiet--project $proj --format="get(name)"); doACL="$(gcloudrunservicesget-iam-policy $run --platformmanaged--project $proj)"all_users="$(echo $ACL |grepallUsers)"all_auth="$(echo $ACL |grepallAuthenticatedUsers)"if [ -z"$all_users" ]then:elseecho"[!] Open to all users: $proj: $run"fiif [ -z"$all_auth" ]then:elseecho"[!] Open to all authenticated users: $proj: $run"fidonedone
