GCP - Cloud Shell Enum

Support HackTricks

Basic Information

Google Cloud Shell is an interactive shell environment for Google Cloud Platform (GCP) that provides you with command-line access to your GCP resources directly from your browser or shell. It's a managed service provided by Google, and it comes with a pre-installed set of tools, making it easier to manage your GCP resources without having to install and configure these tools on your local machine. Moreover, it's offered at no additional cost.

Any user of the organization (Workspace) is able to execute gcloud cloud-shell ssh and get access to their Cloud Shell environment. However, Service Accounts can't, even if they are owners of the organization.

There aren't permissions assigned to this service, therefore there aren't privilege escalation techniques. Also, there isn't any kind of enumeration.

Note that Cloud Shell can be easily disabled for the organization.

Post Exploitation

GCP - Cloud Shell Post Exploitation

Persistence

GCP - Cloud Shell Persistence