Skip to content

Commit 6b2c22a

Browse files
committed
Normalize Vertex AI docs to enum/privesc/post-exploitation structure
1 parent f69b96a commit 6b2c22a

File tree

5 files changed

+15
-10
lines changed

5 files changed

+15
-10
lines changed

src/SUMMARY.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@
104104
- [GCP - Pub/Sub Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.md)
105105
- [GCP - Secretmanager Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-secretmanager-post-exploitation.md)
106106
- [GCP - Security Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.md)
107+
- [GCP - Vertex AI Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md)
107108
- [GCP - Workflows Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-workflows-post-exploitation.md)
108109
- [GCP - Storage Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-storage-post-exploitation.md)
109110
- [GCP - Privilege Escalation](pentesting-cloud/gcp-security/gcp-privilege-escalation/README.md)
@@ -197,7 +198,6 @@
197198
- [GCP - Spanner Enum](pentesting-cloud/gcp-security/gcp-services/gcp-spanner-enum.md)
198199
- [GCP - Stackdriver Enum](pentesting-cloud/gcp-security/gcp-services/gcp-stackdriver-enum.md)
199200
- [GCP - Storage Enum](pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.md)
200-
- [GCP - Vertex AI Agent Engine Abuse](pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-agent-engine-abuse.md)
201201
- [GCP - Vertex AI Enum](pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md)
202202
- [GCP - Workflows Enum](pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.md)
203203
- [GCP <--> Workspace Pivoting](pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/README.md)

src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-agent-engine-abuse.md renamed to src/pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# GCP - Vertex AI Agent Engine Abuse
1+
# GCP - Vertex AI Post Exploitation
22

33
{{#include ../../../banners/hacktricks-training.md}}
44

@@ -9,7 +9,7 @@ This page focuses on **Vertex AI Agent Engine / Reasoning Engine** workloads tha
99
For the general Vertex AI overview check:
1010

1111
{{#ref}}
12-
gcp-vertex-ai-enum.md
12+
../gcp-services/gcp-vertex-ai-enum.md
1313
{{#endref}}
1414

1515
For classic Vertex AI privesc paths using custom jobs, models, and endpoints check:
@@ -182,7 +182,7 @@ This is valuable even if write access is blocked because it exposes:
182182
For more Artifact Registry background check:
183183

184184
{{#ref}}
185-
gcp-artifact-registry-enum.md
185+
../gcp-services/gcp-artifact-registry-enum.md
186186
{{#endref}}
187187

188188
## Tenant-project pivot: deployment artifact retrieval

src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ An attacker with the mentioned permissions will be able to **request an access t
4242
For a **resource-driven** variant where attacker-controlled code steals a **managed Vertex AI Agent Engine runtime token** from the metadata service and reuses it as the Vertex AI service agent, check:
4343

4444
{{#ref}}
45-
../gcp-services/gcp-vertex-ai-agent-engine-abuse.md
45+
../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
4646
{{#endref}}
4747

4848
```bash
@@ -164,4 +164,3 @@ You can find an example on how to create and OpenID token behalf a service accou
164164

165165
{{#include ../../../banners/hacktricks-training.md}}
166166

167-

src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,10 @@ For more information about Vertex AI check:
1010
../gcp-services/gcp-vertex-ai-enum.md
1111
{{#endref}}
1212

13-
For **Agent Engine / Reasoning Engine** abuse using the runtime metadata service, the default Vertex AI service agent, and cross-project pivoting into consumer / producer / tenant resources, check:
13+
For **Agent Engine / Reasoning Engine** post-exploitation paths using the runtime metadata service, the default Vertex AI service agent, and cross-project pivoting into consumer / producer / tenant resources, check:
1414

1515
{{#ref}}
16-
../gcp-services/gcp-vertex-ai-agent-engine-abuse.md
16+
../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
1717
{{#endref}}
1818

1919
### `aiplatform.customJobs.create`, `iam.serviceAccounts.actAs`

src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,10 @@
1414

1515
### Agent Engine / Reasoning Engine
1616

17-
For **Agent Engine / Reasoning Engine** specific enumeration and abuse paths involving **metadata credential theft**, **P4SA abuse**, and **producer/tenant project pivoting**, check:
17+
For **Agent Engine / Reasoning Engine** specific enumeration and post-exploitation paths involving **metadata credential theft**, **P4SA abuse**, and **producer/tenant project pivoting**, check:
1818

1919
{{#ref}}
20-
gcp-vertex-ai-agent-engine-abuse.md
20+
../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
2121
{{#endref}}
2222

2323
### Key Components
@@ -271,6 +271,12 @@ In the following page, you can check how to **abuse Vertex AI permissions to esc
271271
../gcp-privilege-escalation/gcp-vertex-ai-privesc.md
272272
{{#endref}}
273273

274+
### Post Exploitation
275+
276+
{{#ref}}
277+
../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
278+
{{#endref}}
279+
274280
## References
275281

276282
- [https://cloud.google.com/vertex-ai/docs](https://cloud.google.com/vertex-ai/docs)

0 commit comments

Comments
 (0)