How Can Attackers Gain Persistence in Google Cloud Shell?

April 2, 2025
How Can Attackers Gain Persistence in Google Cloud Shell?

In today’s cybersecurity landscape, maintaining persistence in a compromised environment is a key objective for many attackers. One particular area that has garnered attention is the Google Cloud Platform (GCP) and its associated Google Cloud Shell. Google Cloud Shell is a web-based shell service that allows admin users to perform GCP administrative tasks without needing local software installation. Here, the service runs on an ephemeral Debian Linux Virtual Machine (VM), where the user interacts with a Docker container. However, the shell can pose a risk as attackers can leverage certain features to secure persistent access.

1. Understanding the Concept of Persistence

Despite the ephemeral nature of the Docker containers used in Google Cloud Shell, attackers can exploit the persistence features associated with the home directory. Specifically, the home directory in GCP Cloud Shell can hold up to 5GB of persistent data. This is achievable through the .bashrc file, which has been previously demonstrated to aid in persistence tactics. However, there is another lesser-known method involving the .customize_environment script. Once created, this file can run automatically during each Cloud Shell startup.

From an administrative viewpoint, this feature is beneficial as it allows for the pre-configuration of frequently used tools and system settings. Administrators can script the installation of specific software or adjust configurations as needed. For attackers, however, this level of automated execution opens the door for numerous malicious activities. Persistence remains a crucial component for threat actors and red teams aiming to retain access to a compromised system.

2. Leveraging the .customize_environment File

The .customize_environment script offers a viable method for attackers looking to maintain persistence. Once initial access to Google Cloud Shell is established, a malicious actor can create and modify this script to execute various commands automatically. This can involve downloading and running a command and control (C2) implant or scripting actions that compromise tokens and relay them to the attacker’s server. With outbound filtering largely unrestricted during tests, attackers found that outbound connections using open TCP ports remained unblocked.

For instance, inserting reverse shell code into the .customize_environment script allows remote access to the compromised shell upon startup. Every instance of the Cloud Shell inception will automatically call on this script, initiating the reverse shell connection. Observations show that within the process list, .customize_environment is consistently triggered with Bash at startup, maintaining the reverse shell operation.

3. Potential Drawbacks and Considerations

Despite its utility, the persistence method via the .customize_environment file is not without its challenges. The success of this tactic is heavily dependent on the frequency with which the target user accesses Cloud Shell. Infrequent users make this method less reliable. Additionally, the need for authentication for certain Cloud Shell actions can pose a threat to the stealthiness of the attack. Unscheduled or suspicious authorization pop-ups may alert users, potentially compromising the attacker’s efforts.

Another limitation to note is the inactivity threshold related to the home directory. A home directory that remains unused for 120 days is automatically deleted, which could disrupt the persistence of any scripts or modifications stored within that file space. Such limitations underscore the importance of reconnaissance and careful planning in executing and maintaining persistent attacks within Google Cloud Shell environments.

4. Addressing Security and Detection

A critical aspect to consider in this scenario is the detection and blocking of such persistence measures. Currently, Google does not offer specific logging or firewall rules that apply exclusively to Cloud Shell. This makes the detection of the .customize_environment script challenging. Organizations aiming to mitigate this risk must consider disabling Cloud Shell access entirely for their users. The effort to disable Cloud Shell involves steps that can be executed within the Google Admin console.

To disable Google Cloud Shell access, one must log in to the Google Admin console, select Additional Google services from the sidebar, and click on Google Cloud Platform. Within the Cloud Shell settings, unchecking the option “Allow access to Cloud Shell” and pressing SAVE will implement the changes. This operational step limits exposure and minimizes the risk of persistence techniques being exploited within the GCP environment.

Ensuring Security in Google Cloud Shell Environments

In today’s cybersecurity landscape, maintaining persistence in a compromised environment is a crucial goal for many attackers. A particular focus has been placed on the Google Cloud Platform (GCP) and its connected service, Google Cloud Shell. Google Cloud Shell is a web-based interface that enables admin users to carry out GCP administrative tasks without the need to install local software. This service operates on a temporary Debian Linux Virtual Machine (VM), providing user interaction through a Docker container. This setup, while convenient for authorized users, can become a vulnerability. Attackers may exploit specific features of the Cloud Shell to maintain persistent access to the compromised system. By leveraging these tools, malicious actors can ensure their presence within the network remains undetected, posing significant risks to organizational security. As such, it is essential to understand these potential threats and take proactive measures to secure GCP environments against such exploitations.

Subscribe to our weekly news digest.

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for Subscribing!
We'll be sending you our best soon!
Something went wrong, please try again later