WRITEUP #1264

GhostToken – Exploiting GCP application infrastructure to create invisible, unremovable trojan app on Google accounts

Tags: Cloud, OAuth, Authorization bypass
by @AstrixSecurity (Astrix Security)
Program: Google (GCP)
Published: Apr 20, 2023
Added to HackDex: Apr 29, 2023
Read Full Writeup: https://astrix.security/ghosttoken-exploiting-gcp-application-infrastructure-to-create-invisible-unremovable-trojan-app-on-google-accounts/
RELATED WRITEUPS
The Hunt for ALBeast: A Technical Walkthrough
Tags: Cloud, AWS ALB
How I Got $250 For My Second Bug on HackerOne
Tags: OAuth, Session expiration issue
Authorization bypass due to cache misconfiguration
Tags: API, Authorization bypass
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
Tags: Cloud, OIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
Tags: Cloud, Privilege escalation
