null-open-security-community / Cloud-Project


GCP:Misconfigured cloud storage buckets #4

Closed 0xCardinal closed 1 year ago

0xCardinal commented 1 year ago

https://threatpost.com/google-cloud-buckets-exposed-misconfiguration/159429/

0xCardinal commented 1 year ago

Assigned to Saksham

saksham3022 commented 1 year ago
  1. Misconfigured cloud storage buckets

Google Cloud Storage is a public storage service offered by Google Cloud that enables businesses to store their data in buckets. But if those buckets are misconfigured, they can be vulnerable to unauthorized access by bad actors who could list, download and/or upload objects inside the bucket. Those buckets can also contain confidential files like databases, source code and credentials.

Attacker's View
• Search for publicly exposed buckets; all cloud storage buckets use the same format, given below.
• Cloud Storage bucket URL format: https://storage.cloud.google.com/BUCKET_NAME/OBJECT_NAME
• You can use the GCPBucketBrute tool mentioned in the Tools section with your GCP account credentials; it will enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

Defender's View
• Audit your GCP buckets for public access with the Red-Bucket-GCP tool mentioned in the Tools section.
• Block public access for the buckets that are publicly accessible.

Tools
• https://github.com/lightspin-tech/red-bucket-gcp
• https://github.com/RhinoSecurityLabs/GCPBucketBrute

References
• https://www.trendmicro.com/cloudoneconformity/knowledge-base/gcp/CloudStorage/publicly-accessible-storage-buckets.html
• https://threatpost.com/google-cloud-buckets-exposed-misconfiguration/159429/
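For the defender's audit step in the comment above, an added example (not part of the original comment and not code from Red-Bucket-GCP): it reads a bucket IAM policy in the JSON shape printed by `gsutil iam get gs://BUCKET_NAME` and reports which bindings grant list, download or upload to `allUsers` or `allAuthenticatedUsers`. The bucket name, the sample policy and the function name `audit_policy` are constructed for illustration.

```python
import json

# Principals that make a binding public in a Cloud Storage IAM policy.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

# Object-level actions granted by the predefined Cloud Storage roles.
ROLE_ACTIONS = {
    "roles/storage.objectViewer": {"list", "download"},
    "roles/storage.objectCreator": {"upload"},
    "roles/storage.objectAdmin": {"list", "download", "upload"},
    "roles/storage.admin": {"list", "download", "upload"},
    "roles/storage.legacyObjectReader": {"download"},
    "roles/storage.legacyBucketReader": {"list"},
    "roles/storage.legacyBucketWriter": {"list", "upload"},
    "roles/storage.legacyBucketOwner": {"list", "upload"},
}


def audit_policy(bucket, policy):
    """Return one finding per binding that grants a role to a public principal."""
    findings = []
    for binding in policy.get("bindings", []):
        public = sorted(PUBLIC_MEMBERS & set(binding.get("members", [])))
        if not public:
            continue
        role = binding.get("role", "")
        # Custom or unrecognised roles cannot be classified offline.
        actions = ROLE_ACTIONS.get(role, {"unknown, review role"})
        findings.append({
            "bucket": bucket, "role": role, "members": public,
            "actions": sorted(actions),
            "conditional": "condition" in binding,
        })
    return findings


# Constructed sample policy (not from a real bucket).
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
  {"role": "roles/storage.legacyBucketWriter",
   "members": ["allAuthenticatedUsers", "user:dev@example.com"]},
  {"role": "roles/storage.admin", "members": ["user:admin@example.com"]}
]}
""")

if __name__ == "__main__":
    for f in audit_policy("example-bucket", SAMPLE_POLICY):
        print(f"{f['bucket']}: {f['members']} hold {f['role']} -> {f['actions']}")
```

Each finding corresponds to a binding to remove from the bucket policy; enforcing public access prevention on the bucket stops such bindings from taking effect again.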

saksham3022 commented 1 year ago

Cloud Storage Bucket.docx

saksham3022 commented 1 year ago

Cloud Storage Bucket.docx