From 942b8599a4706c6c96ddefadd094365e0f832b5e Mon Sep 17 00:00:00 2001 From: CPol Date: Sat, 9 Mar 2024 19:38:29 +0000 Subject: [PATCH] GITBOOK-598: change request with no subject merged in GitBook --- .../gcp-persistence/gcp-non-svc-persistance.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistance.md b/pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistance.md index 111680aab3..4e73eb7290 100644 --- a/pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistance.md +++ b/pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistance.md @@ -68,6 +68,16 @@ Then, gcloud will use the state and code with a some hardcoded `client_id` (`325 Note that the communication with localhost is in HTTP, so it it's possible to intercept the data to get a refresh token, however this data is valid just 1 time, so this would be useless, it's easier to just read the refresh token from the file. {% endhint %} +### OAuth Scopes + +Get all the OAuth scopes executing: + +{% code overflow="wrap" %} +```bash +curl "https://developers.google.com/identity/protocols/oauth2/scopes" | grep -oE 'https://www.googleapis.com/auth/[a-zA-A/\-\._]*' | sort -u +``` +{% endcode %} + ### Service Accounts Just like with authenticated users, if you manage to **compromise the private key file** of a service account you will be able to **access it usually as long as you want**.\
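Review bot: the character class in the added `grep -oE` pattern, `[a-zA-A/\-\._]`, has a typo: `A-A` matches only the letter A, so it should read `A-Z`. The class also omits digits, and because a backslash is literal inside a POSIX bracket expression, `\-\` is parsed as a range from backslash to backslash, so the hyphen is never matched. Any scope whose name contains an uppercase letter other than A, a digit or a hyphen is cut at that character, and `sort -u` then merges the truncated prefixes, so the list looks complete while missing entries. Suggest `[a-zA-Z0-9/._-]*` with the hyphen last. Adding `-s` to `curl` would also keep the progress meter out of the terminal output.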