Migrate to using mdbook

src/pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-sql-persistence.md

@@ -0,0 +1,37 @@
+# GCP - Cloud SQL Persistence
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+## Cloud SQL
+
+For more information about Cloud SQL check:
+
+{{#ref}}
+../gcp-services/gcp-cloud-sql-enum.md
+{{#endref}}
+
+### Expose the database and whitelist your IP address
+
+A database only accessible from an internal VPC can be exposed externally and your IP address can be whitelisted so you can access it.\
+For more information check the technique in:
+
+{{#ref}}
+../gcp-post-exploitation/gcp-cloud-sql-post-exploitation.md
+{{#endref}}
+
+### Create a new user / Update users password / Get password of a user
+
+To connect to a database you **just need access to the port** exposed by the database and a **username** and **password**. With e**nough privileges** you could **create a new user** or **update** an existing user **password**.\
+Another option would be to **brute force the password of an user** by trying several password or by accessing the **hashed** password of the user inside the database (if possible) and cracking it.\
+Remember that **it's possible to list the users of a database** using GCP API.
+
+> [!NOTE]
+> You can create/update users using GCP API or from inside the databae if you have enough permissions.
+
+For more information check the technique in:
+
+{{#ref}}
+../gcp-post-exploitation/gcp-cloud-sql-post-exploitation.md
+{{#endref}}
+
+{{#include ../../../banners/hacktricks-training.md}}