You’re a GD Thief!


What is GD-Thief?

How does it work?

Security Bug Reported 4/23/21
Google’s response
Google won’t fix

A Very Effective Attack Path

EvilGinx2 Attack Path

A Tutorial for Using GD-Thief

Create a new Google Cloud Platform (GCP) project

Create a new project
Name the project

Enable a Google Workspace API

API & Services Library
Search for GD API
Enable GD API

Configure OAuth Consent Screen

Configure Consent Screen
OAuth External Application Consent
Application Info
Save Application Info
Add or Remove Scopes
Check all GD API Scopes
Update Scope
Scope list
Save Scope

Create a credential

Create OAuth Client ID Credentials
Select “Desktop App,” name it, and create
OAuth Client created

Add the victim’s Google account to the Application’s Test Users

Add test user

First Time running gd_thief

Using GD-Thief

Wrapping up



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store