gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-23 15:37:53 -08:00
Code Issues Packages Projects Releases Wiki Activity

Recreating repository history for branch master

Browse Source
This commit is contained in:
Carlos Polop
2024-12-12 19:35:48 +01:00
commit 5ef56bb6b3
1076 changed files with 67158 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.md Normal file
View File

@@ -0,0 +1,115 @@
# GCP - Cloud SQL Enum
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
## Basic Information
Google Cloud SQL is a managed service that **simplifies setting up, maintaining, and administering relational databases** like MySQL, PostgreSQL, and SQL Server on Google Cloud Platform, removing the need to handle tasks like hardware provisioning, database setup, patching, and backups.
Key features of Google Cloud SQL include:
1. **Fully Managed**: Google Cloud SQL is a fully-managed service, meaning that Google handles database maintenance tasks like patching, updates, backups, and configuration.
2. **Scalability**: It provides the ability to scale your database's storage capacity and compute resources, often without downtime.
3. **High Availability**: Offers high availability configurations, ensuring your database services are reliable and can withstand zone or instance failures.
4. **Security**: Provides robust security features like data encryption, Identity and Access Management (IAM) controls, and network isolation using private IPs and VPC.
5. **Backups and Recovery**: Supports automatic backups and point-in-time recovery, helping you safeguard and restore your data.
6. **Integration**: Seamlessly integrates with other Google Cloud services, providing a comprehensive solution for building, deploying, and managing applications.
7. **Performance**: Offers performance metrics and diagnostics to monitor, troubleshoot, and improve database performance.
### Password
In the web console Cloud SQL allows the user to **set** the **password** of the database, there also a generate feature, but most importantly, **MySQL** allows to **leave an empty password and all of them allows to set as password just the char "a":**
<figure><img src="../../../.gitbook/assets/image (14).png" alt=""><figcaption></figcaption></figure>
It's also possible to configure a password policy requiring **length**, **complexity**, **disabling reuse** and **disabling username in password**. All are disabled by default.
**SQL Server** can be configured with **Active Directory Authentication**.
### Zone Availability
The database can be **available in 1 zone or in multiple**, of course, it's recommended to have important databases in multiple zones.
### Encryption
By default a Google-managed encryption key is used, but it's also **possible to select a Customer-managed encryption key (CMEK)**.
### Connections
* **Private IP**: Indicate the VPC network and the database will get an private IP inside the network
* **Public IP**: The database will get a public IP, but by default no-one will be able to connect
* **Authorized networks**: Indicate public **IP ranges that should be allowed** to connect to the database
* **Private Path**: If the DB is connected in some VPC, it's possible to enable this option and give **other GCP services like BigQuery access over it**
<figure><img src="../../../.gitbook/assets/image (15).png" alt=""><figcaption></figcaption></figure>
### Data Protection
* **Daily backups**: Perform automatic daily backups and indicate the number of backups you want to maintain.
* **Point-in-time recovery**: Allows you to recover data from a specific point in time, down to a fraction of a second.
* **Deletion Protection**: If enabled, the DB won't be able to be deleted until this feature is disabled
### Enumeration
```bash
# Get SQL instances
gcloud sql instances list
gcloud sql instances describe <inst-name> # get IPs, CACert, settings
# Get database names inside an instance (like information_schema, sys...)
gcloud sql databases list --instance <intance-name>
gcloud sql databases describe <db-name> --instance <intance-name>
# Get usernames inside the db instance
gcloud sql users list --instance <intance-name>
# Backups
gcloud sql backups list --instance <intance-name>
gcloud sql backups describe <backup-name> --instance <intance-name>
```
### Unauthenticated Enum
{% content-ref url="../gcp-unauthenticated-enum-and-access/gcp-cloud-sql-unauthenticated-enum.md" %}
[gcp-cloud-sql-unauthenticated-enum.md](../gcp-unauthenticated-enum-and-access/gcp-cloud-sql-unauthenticated-enum.md)
{% endcontent-ref %}
### Post Exploitation
{% content-ref url="../gcp-post-exploitation/gcp-cloud-sql-post-exploitation.md" %}
[gcp-cloud-sql-post-exploitation.md](../gcp-post-exploitation/gcp-cloud-sql-post-exploitation.md)
{% endcontent-ref %}
### Persistence
{% content-ref url="../gcp-persistence/gcp-cloud-sql-persistence.md" %}
[gcp-cloud-sql-persistence.md](../gcp-persistence/gcp-cloud-sql-persistence.md)
{% endcontent-ref %}
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}