Skip to content

Beginner Friendly red team icon   GCP

Reveal Hidden Files in Google Storage

Misconfigured cloud storage can result in threat actors bypassing the IAM and network security controls and getting access to data.

Overview
We created this beginner-friendly lab to showcase how misconfigured and misused cloud storage can result in threat actors bypassing the perimeter and getting access to customer data.
Scenario

Gigantic Retail are a Fortune 50 company and therefore have a target on their back. Conscious that threat actors will be probing their infrastructure, they have provisionally engaged your team to assess the security of their on-premise and cloud environment. Your mission is to demonstrate impact and show them the value of retaining our services in the long-term.

Lab prerequisites
  • Basic Linux command line knowledge
Learning outcomes
  • Familiarity with the Google Cloud CLI
  • Enumerate Google File Storage
  • Discover and access hidden files using ffuf
  • Crack encrypted 7-Zip archives using Hashcat
Real-world context

Cloud storage can be easy to misconfigure and misuse, and there is also a school of thought that it should instead be split into public storage and private storage services. Where a bucket stores a mix of public and private content, the risk is unauthorized access and a possible breach.