No IP, No Problem: Exfiltrating Data Behind IAP

BSides Las Vegas 2025 · Day 1

Ariel Kalman presents an attack path against **Google Cloud Platform**’s **Identity-Aware Proxy (IAP)**, framed as an **identity firewall** that intercepts requests to protected applications, enforces **authentication** and **authorization**, and injects authentication headers for successful sessions. The talk’s headline scenario is **data exfiltration without direct outbound connectivity** from a restricted internal environment: an internal actor with deployment rights manipulates **CORS** response headers, while an external collaborator issues **unauthenticated HTTP OPTIONS** requests, which IAP allows through when a specific setting, **Allow HTTP options** (described as controlling **CORS preflight**), is enabled. According to the speaker, **GCP** acknowledged the behavior, updated the **IAP documentation** to highlight the risk, and chose **not to change** the mechanism at that time; the talk leaves a future change open.
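A defender-side check for the channel described above, as an added example that is not from the talk or from GCP: it flags OPTIONS traffic that lacks the request headers a browser preflight carries, CORS response values that differ from the application's intended policy, and headers whose values keep changing. The record schema, the `EXPECTED` policy, the `max_distinct` threshold and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumption: the CORS policy each protected path is supposed to serve.
EXPECTED = {"/api/orders": {
    "access-control-allow-origin": {"https://app.example.com"},
    "access-control-allow-headers": {"content-type"},
}}

# Constructed records; the schema is hypothetical (a proxy that logs
# request and response headers for OPTIONS traffic).
SAMPLE = [
    {"ts": 1, "method": "OPTIONS", "path": "/api/orders",
     "req": {"origin": "https://app.example.com",
             "access-control-request-method": "POST"},
     "cors": {"Access-Control-Allow-Origin": "https://app.example.com",
              "Access-Control-Allow-Headers": "content-type"}},
    {"ts": 2, "method": "GET", "path": "/api/orders", "req": {}, "cors": {}},
    {"ts": 3, "method": "OPTIONS", "path": "/api/orders", "req": {},
     "cors": {"Access-Control-Allow-Headers": "x-7f3a"}},
    {"ts": 4, "method": "OPTIONS", "path": "/api/orders", "req": {},
     "cors": {"Access-Control-Allow-Headers": "x-91bc"}},
]

PREFLIGHT_HEADERS = ("origin", "access-control-request-method")


def audit_preflight(records, expected, max_distinct=2):
    """Flag OPTIONS traffic that does not look like a policy-conformant preflight."""
    findings, seen = [], defaultdict(set)
    for r in records:
        if r["method"] != "OPTIONS":
            continue
        req = {k.lower() for k in r["req"]}
        # A browser preflight always carries both of these request headers.
        if not all(h in req for h in PREFLIGHT_HEADERS):
            findings.append(("not_a_preflight", r["path"], r["ts"]))
        policy = expected.get(r["path"], {})
        for name, value in r["cors"].items():
            name = name.lower()
            seen[(r["path"], name)].add(value)
            # Response value differs from what the application should serve.
            if value not in policy.get(name, set()):
                findings.append(("off_policy", r["path"], name, r["ts"]))
    # Many distinct values for one header on one path suggests it carries data.
    for (path, name), values in sorted(seen.items()):
        if len(values) > max_distinct:
            findings.append(("value_churn", path, name, len(values)))
    return findings
```

Because the summary places the manipulation at deployment time, the same `EXPECTED` policy can also be compared against the CORS configuration in each release before it ships.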

AI review

Clever abuse of the intersection between browser CORS preflight semantics and IAP’s OPTIONS exception—less about firewall bypass than turning headers into a unidirectional covert channel. Well explained for defenders, with a realistic detection hook on deployment abuse.
