GCP - Storage Post Exploitation

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Cloud Storage

Kwa maelezo zaidi kuhusu Cloud Storage angalia ukurasa huu:

GCP - Storage Enum

Give Public Access

Inawezekana kutoa watumiaji wa nje (walioingia GCP au la) ufikiaji wa maudhui ya bakuli. Hata hivyo, kwa kawaida bakuli itakuwa na chaguo la kuzima kufichua bakuli kwa umma:

# Disable public prevention
gcloud storage buckets update gs://BUCKET_NAME --no-public-access-prevention

# Make all objects in a bucket public
gcloud storage buckets add-iam-policy-binding gs://BUCKET_NAME --member=allUsers --role=roles/storage.objectViewer
## I don't think you can make specific objects public just with IAM

# Make a bucket or object public (via ACL)
gcloud storage buckets update gs://BUCKET_NAME --add-acl-grant=entity=AllUsers,role=READER
gcloud storage objects update gs://BUCKET_NAME/OBJECT_NAME --add-acl-grant=entity=AllUsers,role=READER

Ikiwa unajaribu kutoa ACLs kwa bakuli lenye ACLs zilizozimwa utaona kosa hili: ERROR: HTTPError 400: Cannot use ACL API to update bucket policy when uniform bucket-level access is enabled. Read more at https://cloud.google.com/storage/docs/uniform-bucket-level-access

Ili kufikia bakuli wazi kupitia kivinjari, tembelea URL https://<bucket_name>.storage.googleapis.com/ au https://<bucket_name>.storage.googleapis.com/<object_name>