I accidentally exposed my Firebase project credentials and someone started mining cryptocurrency. How was the attack possible?
I forgot to add to the gitignore file, which included:
{
"type":
"project_id": ,
"private_key_id":
"private_key":
"client_email":
"client_id":
"auth_uri":
"token_uri":
"auth_provider_x509_cert_url":
"client_x509_cert_url":
}
and on the same day someone used my project to create VMs and mine crypto (as Google said).
How is it possible that someone used my project? I thought that the attacker also needs Firebase credentials to do some harm. I didn't find any suspicious behavior on the Google account used to log in to Firebase, so maybe the attacker had access to my computer (?).
Comments (1)
What you are describing is a JSON key file for a service account. Depending on the permissions given to such an account, it can be used to create other resources, including VMs. That is the reason why it is best practice to use the principle of least privilege; check: Least privilege for Cloud Functions using Cloud IAM
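
A check that can be run before committing, as an added example that is not part of the original question or answer: it walks a working tree and flags any JSON file carrying the service account key fields listed in the question. The function names, file paths and sample values are constructed for illustration.

```python
import json
import os
import tempfile

# Field names taken from the key file shown in the question.
KEY_FIELDS = {"type", "project_id", "private_key_id", "private_key", "client_email"}

def is_service_account_key(text):
    """Return True if text parses as JSON and looks like a service account key."""
    try:
        doc = json.loads(text)
    except (ValueError, TypeError):
        return False
    if not isinstance(doc, dict) or not KEY_FIELDS.issubset(doc):
        return False
    return doc.get("type") == "service_account" and "PRIVATE KEY" in str(doc.get("private_key"))

def find_key_files(root, max_bytes=64 * 1024):
    """Walk root (skipping .git) and return relative paths of files that look like keys."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                if os.path.getsize(path) > max_bytes:
                    continue  # key files are small; skip large blobs
                with open(path, encoding="utf-8", errors="ignore") as fh:
                    if is_service_account_key(fh.read()):
                        hits.append(os.path.relpath(path, root))
            except OSError:
                continue  # unreadable file: nothing to report
    return sorted(hits)

def demo():
    """Build a constructed tree with one fake key and one harmless JSON file."""
    fake_key = {  # constructed placeholder values, not a real credential
        "type": "service_account", "project_id": "example-project",
        "private_key_id": "0000", "client_email": "sa@example-project.invalid",
        "private_key": "-----BEGIN PRIVATE KEY-----\nPLACEHOLDER\n-----END PRIVATE KEY-----\n",
    }
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "config"))
        with open(os.path.join(root, "config", "admin-sdk.json"), "w") as fh:
            json.dump(fake_key, fh)
        with open(os.path.join(root, "package.json"), "w") as fh:
            json.dump({"name": "app", "type": "module"}, fh)
        return find_key_files(root)

if __name__ == "__main__":
    print(demo())
```

Any path it reports should be added to the ignore file before the next commit; a key that has already been pushed should be treated as exposed and replaced.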