SheetsAttack! is a Python post-exploitation script that lets red teamers pillage Google Sheets after uncovering a Google Workspace (G Suite) credential file. With this script, you can easily discover worksheet files, list sheets within those files, and retrieve the contents of specific sheets.
- Clone this repository or download the sheetsattack.py script to your local machine.
- Make sure you have Python 3 installed. If not, you can download it from Python's official website.
- Install the required Python packages using pip:
  pip3 install google-auth google-auth-oauthlib google-auth-httplib2 google-api-python-client gspread
- Obtain a Google Service Account JSON key file and save it as key.json. Follow Google's instructions on how to create a service account and get the JSON key file if you're wanting to test before live firing on a gig.
- Set the GOOGLE_APPLICATION_CREDENTIALS environment variable to point to your key.json file:
  export GOOGLE_APPLICATION_CREDENTIALS=/path/to/key.json
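
Since a single service account key file is all the script needs to reach every accessible sheet, defenders benefit from knowing where such files sit on disk. The following is an added example, not part of SheetsAttack!; the function names and the size limit are assumptions made for illustration. It walks a directory, identifies service account JSON keys by their standard fields, and reports the key ID and file permissions needed to rotate and lock them down, without ever printing the private key.

```python
import json
import os
import sys

# Fields present in a Google service account JSON key file.
REQUIRED_FIELDS = {"type", "private_key_id", "private_key", "client_email"}
MAX_BYTES = 64 * 1024  # assumption: key files are a few KB, so skip larger JSON


def inspect_key_file(path):
    """Return metadata for a service account key file, or None if it is not one."""
    try:
        if os.path.getsize(path) > MAX_BYTES:
            return None
        with open(path, "r", encoding="utf-8") as fh:
            data = json.load(fh)
    except (OSError, ValueError):
        return None  # unreadable, not valid JSON, or not UTF-8
    if not isinstance(data, dict) or data.get("type") != "service_account":
        return None
    if not REQUIRED_FIELDS <= data.keys():
        return None
    mode = os.stat(path).st_mode & 0o777
    return {
        "path": path,
        "client_email": data["client_email"],
        "private_key_id": data["private_key_id"],  # identifies the key to delete in IAM
        "mode": oct(mode),
        "group_or_world_readable": bool(mode & 0o044),
    }


def find_key_files(root):
    """Walk root and report every *.json file that parses as a service account key."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".json"):
                info = inspect_key_file(os.path.join(dirpath, name))
                if info:
                    findings.append(info)
    return findings


if __name__ == "__main__":
    # Scan the directory given on the command line (default: current directory).
    for finding in find_key_files(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(finding)
```

Each finding carries the `private_key_id` and `client_email`, which is enough to locate and delete that key on the service account and issue a replacement.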
SheetsAttack! provides several commands to manage your Google Sheets:
To list the names of all accessible worksheet files, use the following command:
python3 sheetsattack.py --list-worksheet-files
To list the sheets contained in a specific worksheet file, provide the --spreadsheet-name flag with the desired spreadsheet's name:
python3 sheetsattack.py --list-sheets --spreadsheet-name SPREADSHEET_NAME
To retrieve the contents of a specified worksheet, provide the --spreadsheet-name flag with the desired spreadsheet's name and the --worksheet-name flag with the name of the worksheet:
python3 sheetsattack.py --get-content --spreadsheet-name SPREADSHEET_NAME --worksheet-name WORKSHEET_NAME
Example:
python3 sheetsattack.py --get-content --spreadsheet-name MyData --worksheet-name Sheet1
- Add functionality to enumerate gdrive or other services, might branch to another project altogether