HackTricks CloudGCP - Storage Unauthenticated Enum
Reading time: 3 minutes
tip
Jifunze na fanya mazoezi ya AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Jifunze na fanya mazoezi ya Azure Hacking: 
HackTricks Training Azure Red Team Expert (AzRTE)
Support HackTricks
- Angalia mpango wa usajili!
- Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
- Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.
Storage
Kwa maelezo zaidi kuhusu Storage angalia:
Public Bucket Brute Force
muundo wa URL wa kufikia bucket ni https://storage.googleapis.com/<bucket-name>.
Zana zifuatazo zinaweza kutumika kuunda tofauti za jina lililotolewa na kutafuta buckets zilizo na mipangilio isiyo sahihi kwa majina hayo:
Pia zana zilizoelezwa katika:
GCP - Unauthenticated Enum & Access
Ikiwa unapata kwamba unaweza kufikia bucket unaweza kuwa na uwezo wa kuinua hata zaidi, angalia:
GCP - Public Buckets Privilege Escalation
Search Open Buckets in Current Account
Kwa skripti ifuatayo iliyokusanywa kutoka hapa unaweza kupata buckets zote zilizo wazi:
#!/bin/bash
############################
# Run this tool to find buckets that are open to the public anywhere
# in your GCP organization.
#
# Enjoy!
############################
for proj in $(gcloud projects list --format="get(projectId)"); do
echo "[*] scraping project $proj"
for bucket in $(gsutil ls -p $proj); do
echo " $bucket"
ACL="$(gsutil iam get $bucket)"
all_users="$(echo $ACL | grep allUsers)"
all_auth="$(echo $ACL | grep allAuthenticatedUsers)"
if [ -z "$all_users" ]
then
:
else
echo "[!] Open to all users: $bucket"
fi
if [ -z "$all_auth" ]
then
:
else
echo "[!] Open to all authenticated users: $bucket"
fi
done
done
tip
Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Jifunze na fanya mazoezi ya Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)
Support HackTricks
- Angalia mpango wa usajili!
- Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
- Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.