gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-24 18:24:40 -08:00
Code Issues Packages Projects Releases Wiki Activity

Migrate to using mdbook

Browse Source
This commit is contained in:
Congon4tor
2024-12-31 17:04:35 +01:00
parent b9a9fed802
commit cd27cf5a2e
1373 changed files with 26143 additions and 34152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
src/pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.md Normal file
View File

@@ -0,0 +1,89 @@
# GCP - Cloud SQL Enum
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
Google Cloud SQL is a managed service that **simplifies setting up, maintaining, and administering relational databases** like MySQL, PostgreSQL, and SQL Server on Google Cloud Platform, removing the need to handle tasks like hardware provisioning, database setup, patching, and backups.
Key features of Google Cloud SQL include:
1. **Fully Managed**: Google Cloud SQL is a fully-managed service, meaning that Google handles database maintenance tasks like patching, updates, backups, and configuration.
2. **Scalability**: It provides the ability to scale your database's storage capacity and compute resources, often without downtime.
3. **High Availability**: Offers high availability configurations, ensuring your database services are reliable and can withstand zone or instance failures.
4. **Security**: Provides robust security features like data encryption, Identity and Access Management (IAM) controls, and network isolation using private IPs and VPC.
5. **Backups and Recovery**: Supports automatic backups and point-in-time recovery, helping you safeguard and restore your data.
6. **Integration**: Seamlessly integrates with other Google Cloud services, providing a comprehensive solution for building, deploying, and managing applications.
7. **Performance**: Offers performance metrics and diagnostics to monitor, troubleshoot, and improve database performance.
### Password
In the web console Cloud SQL allows the user to **set** the **password** of the database, there also a generate feature, but most importantly, **MySQL** allows to **leave an empty password and all of them allows to set as password just the char "a":**
<figure><img src="../../../images/image (14).png" alt=""><figcaption></figcaption></figure>
It's also possible to configure a password policy requiring **length**, **complexity**, **disabling reuse** and **disabling username in password**. All are disabled by default.
**SQL Server** can be configured with **Active Directory Authentication**.
### Zone Availability
The database can be **available in 1 zone or in multiple**, of course, it's recommended to have important databases in multiple zones.
### Encryption
By default a Google-managed encryption key is used, but it's also **possible to select a Customer-managed encryption key (CMEK)**.
### Connections
- **Private IP**: Indicate the VPC network and the database will get an private IP inside the network
- **Public IP**: The database will get a public IP, but by default no-one will be able to connect
- **Authorized networks**: Indicate public **IP ranges that should be allowed** to connect to the database
- **Private Path**: If the DB is connected in some VPC, it's possible to enable this option and give **other GCP services like BigQuery access over it**
<figure><img src="../../../images/image (15).png" alt=""><figcaption></figcaption></figure>
### Data Protection
- **Daily backups**: Perform automatic daily backups and indicate the number of backups you want to maintain.
- **Point-in-time recovery**: Allows you to recover data from a specific point in time, down to a fraction of a second.
- **Deletion Protection**: If enabled, the DB won't be able to be deleted until this feature is disabled
### Enumeration
```bash
# Get SQL instances
gcloud sql instances list
gcloud sql instances describe <inst-name> # get IPs, CACert, settings
# Get database names inside an instance (like information_schema, sys...)
gcloud sql databases list --instance <intance-name>
gcloud sql databases describe <db-name> --instance <intance-name>
# Get usernames inside the db instance
gcloud sql users list --instance <intance-name>
# Backups
gcloud sql backups list --instance <intance-name>
gcloud sql backups describe <backup-name> --instance <intance-name>
```
### Unauthenticated Enum
{{#ref}}
../gcp-unauthenticated-enum-and-access/gcp-cloud-sql-unauthenticated-enum.md
{{#endref}}
### Post Exploitation
{{#ref}}
../gcp-post-exploitation/gcp-cloud-sql-post-exploitation.md
{{#endref}}
### Persistence
{{#ref}}
../gcp-persistence/gcp-cloud-sql-persistence.md
{{#endref}}
{{#include ../../../banners/hacktricks-training.md}}