Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Check how you could use different Google platforms such as Drive, Chat, Groups... to send the victim a phishing link and how to perform a Google OAuth Phishing in:
{% content-ref url="gws-google-platforms-phishing/" %} gws-google-platforms-phishing {% endcontent-ref %}
In order to test passwords with all the emails you found (or you have generated based in a email name pattern you might have discover) you could use a tool like https://github.com/ustayready/CredKing (although it looks unmaintained) which will use AWS lambdas to change IP address.
If you have compromised some credentials or the session of the user you can perform several actions to access potential sensitive information of the user and to try to escala privileges:
{% content-ref url="gws-post-exploitation.md" %} gws-post-exploitation.md {% endcontent-ref %}
{% content-ref url="../gcp-security/gcp-to-workspace-pivoting/" %} gcp-to-workspace-pivoting {% endcontent-ref %}
If you have compromised some credentials or the session of the user check these options to maintain persistence over it:
{% content-ref url="gws-persistence.md" %} gws-persistence.md {% endcontent-ref %}
- Log out of all sessions
- Change user password
- Generate new 2FA backup codes
- Remove App passwords
- Remove OAuth apps
- Remove 2FA devices
- Remove email forwarders
- Remove emails filters
- Remove recovery email/phones
- Removed malicious synced smartphones
- Remove bad Android Apps
- Remove bad account delegations
- https://www.youtube-nocookie.com/embed/6AsVUS79gLw - Matthew Bryant - Hacking G Suite: The Power of Dark Apps Script Magic
- https://www.youtube.com/watch?v=KTVHLolz6cE - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.