HackTricks CloudGCP - Storage Persistence
Reading time: 2 minutes
tip
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Storage
For more information about Cloud Storage check:
storage.hmacKeys.create
You can create an HMAC to maintain persistence over a bucket. For more information about this technique check it here.
bash
# Create key
gsutil hmac create <sa-email>
# Configure gsutil to use it
gsutil config -a
# Use it
gsutil ls gs://[BUCKET_NAME]
Another exploit script for this method can be found here.
Give Public Access
Making a bucket publicly accessible is another way to maintain access over the bucket. Check how to do it in:
GCP - Storage Post Exploitation
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.