├── README.md
├── cludshell.jpeg
├── pp_my_qrcode_tip_only_1696585257001.jpg
└── remove-bloat.sh


/README.md:
--------------------------------------------------------------------------------
  1 | # Google-cloud-shell-hacking
  2 | Hacks for a better google cloud shell experience
  3 | 
  4 | ![alt text](https://github.com/FrancescoDiSalesGithub/Google-cloud-shell-hacking/blob/main/cludshell.jpeg)
  5 | 
  6 | # Summary
  7 | * Donation
  8 | * Introduction
  9 | * Do and don't
 10 | * Cons of Google Cloud Shell
 11 | * Hacks of Google Cloud Shell
 12 | * SSH on the google cloud shell using the private key
 13 | * Putting the public key on google cloud shell
 14 | * Start the google cloud shell instance
 15 | * Check the ip of the google cloud shell
 16 | * Run the google cloud shell in ssh
 17 | * Connect a google cloud shell to another google cloud shell
 18 | * Getting oauth token on a running instance of a google cloud shell
 19 | * Change location and zone of the google cloud shell
 20 | * Use the google cloud shell as proxy
 21 | * Running another operative system at the login in the google cloud shell
 22 | * Using the postgres database
 23 | * Autorun the Google Cloud shell at login
 24 | * Containers stored locally in google cloud shell
 25 | * Persistent postgresql data
 26 | * Enabling systemctl on google cloud shell
 27 | * Cockpit interface on google cloud shell
 28 | * Connect external drives to google cloud shell
 29 | * Connect with rdp protocol to Google cloud shell
 30 | * Windows Server on google cloud shell
 31 | * Removing bloat from google cloud shell
 32 | * Using dbeaver on a google cloud shell database
 33 | * Gitlab on google cloud shell
 34 | * Scheduling on google cloud shell
 35 | * Restarting the google cloud shell without using the gui
 36 | * Putting the public key manually on a running google cloud shell instance
 37 | * Alternative to ngrok (Poor man's ngrok)
 38 | * Getting http hostname
 39 |   
 40 | # Donation
 41 | 
 42 | Before starting with this hacking guide, If you want to support me, or if this guide helped you, or you want to buy me a coffee, you can donate with paypal at the following url:
 43 | 
 44 | ```
 45 | https://www.paypal.me/francescodisales
 46 | ```
 47 | Or with monero at the following address:
 48 | ```
 49 | 4B9WQivaHfd3miDfPKEfCianocGpBx9d8FXycz2vmNW3aBDVKHgkBd9Gmapt4RBVEpTwnehujsiUBBehUiLvnEHs7VFstCC
 50 | ```
 51 | or donate some bitcoins at the following wallet:
 52 | ```
 53 | bc1qff3uyjz3zrtz6h6g8aydph70hhlcj9t3q2ynw4
 54 | ```
 55 | 
 56 | 
 57 | # Introduction
 58 | 
 59 | When you create a google account, you obtain a shell for google cloud. These are the features:
 60 | 
 61 | * 5GB hard-drive
 62 | * 8GB RAM
 63 | * devops tools installed
 64 | * git installed
 65 | * Debian linux distribution
 66 | 
 67 | # DO AND DON'T
 68 | 
 69 | Do:
 70 | * develop
 71 | * trying other programs
 72 | * trying google apis
 73 | * using your cloud shell as proxy (google will still know about your data...)
 74 | * having a personal vps
 75 | 
 76 | Don't:
 77 | * mining
 78 | * unethical hacking
 79 | 
 80 | # Cons of Google Cloud Shell
 81 | Google cloud shell has the following problems:
 82 | 
 83 | * The vm is ephimeral that means that after 1 Hour of inactivity all the content outside the $HOME folder will be lost
 84 | * The google cloud shell is interactive so the crontab will not work
 85 | * You have 50 hours available to use the google cloud shell, after Google will reset the time at a specific date.
 86 | 
 87 | # Hacks of Google Cloud Shell
 88 | Here there's the interesting part of this repository:
 89 | 
 90 | * The google cloud shell has an hidden drive (sda1) which is 60GB you can mount it in the home folder but after the session is lost everything is lost
 91 | * When you start for the first time the google cloud shell it could track your commands. Try the following command: `gcloud config set disable_usage_reporting true`
 92 | 
 93 | # SSH on the google cloud shell using the private key
 94 | 
 95 | When you start a cloud shell with the gcloud-cli or with cloud shell web page, it is assigned an ip to your google cloud shell and it seems that you can not ssh if not using the webpage or the gcloud-cli. The ssh shell listens on the port 6000 and in the sshd config the password authentication is disabled so it means that it is used the key authentication. Generate on your machine a keypair:
 96 | 
 97 | `ssh-keygen -t rsa`
 98 | 
 99 | then get the oauth token from google:
100 | 
101 | * go to https://developers.google.com/oauthplayground/
102 | * search for Cloud Shell api v1
103 | * after selecting, choose https://www.googleapis.com/auth/cloud-platform
104 | * Login and authorize the application
105 | * On step 2 ask for auth token
106 | * On step 3 copy the access token
107 | 
108 | After doing these steps you need to call the following api:
109 | 
110 | * https://content-cloudshell.googleapis.com/v1/users/me/environments/default:addPublicKey [POST] (will make you add your public key you created locally)
111 | * https://content-cloudshell.googleapis.com/v1/users/me/environments/default:start [POST] (will make you start the instance)
112 | * https://content-cloudshell.googleapis.com/v1/users/me/environments/default [GET] (will tell you the ip of the google cloud shell)
113 | 
114 | ## Putting the public key on google cloud shell
115 | 
116 | The api has a POST method. Run the api with the following body:
117 | ```
118 | {
119 |   "key": "ssh-rsa content of the public key"
120 | }
121 | 
122 | where content of the public key = abkjdksajkgajkdhkhksda  
123 | no username should be pasted after the rsa encryption
124 | 
125 | Example:
126 | 
127 | {
128 |   "key":"afabasjdgnjadkjadhaksdsajkdsjakd"
129 | }
130 | 
131 | ```
132 | And the header **Authorization**. It should has value Bearer value-of-the-access-token.
133 | 
134 | The content of the public key can be obtained by run the following line:
135 | `cat .ssh/id_rsa.pub`
136 | 
137 | ## Start the google cloud shell instance
138 | 
139 | Use the following api:
140 | https://content-cloudshell.googleapis.com/v1/users/me/environments/default:start 
141 | 
142 | Add the header **Authorization**. It should has value Bearer value-of-the-access-token. The json request is the following:
143 | ```
144 | {
145 |   "accessToken": "access-token-value",
146 |   "publicKeys": [
147 |     "content-of-the-local-public-key"
148 |   ]
149 | }
150 | ```
151 | Then run the api
152 | 
153 | ## Check the ip of the google cloud shell
154 | 
155 | Run:
156 | ```
157 |  https://content-cloudshell.googleapis.com/v1/users/me/environments/default
158 | ```
159 | 
160 | Like the previous one it has the **Authorization header**. Run it and you will have the IP of your google cloud shell.
161 | 
162 | ## Run the google cloud shell in ssh
163 | 
164 | Running the api:
165 | ```
166 | https://content-cloudshell.googleapis.com/v1/users/me/environments/default:start
167 | ```
168 | As response of the rest api, search for the json keys:
169 | 
170 | * sshHost
171 | * sshPort
172 | 
173 | you can connect in ssh with the terminal by doing:
174 | 
175 | ```
176 | ssh -i my_key_rsa -p value_of_sshPort my_google_username@value_of_sshHost
177 | ```
178 | 
179 | If everything goes well you will have a ssh session with the google cloud shell without using the webpage or the gcloud-cli.
180 | 
181 | 
182 | # Connect a google cloud shell to another google cloud shell
183 | 
184 | Let's suppose we have two users:
185 | * UserA
186 | * UserB
187 | 
188 | UserA wants to connect to UserB's cloud shell.
189 | 
190 | UserA has to retrieve the oauth token, and register on his google cloud shell the public key of UserB's cloud shell. Then download from UserB's cloud shell the private key of the UserB. Finally he can run the following command: `ssh -i userb_rsa -p 6000 UserB@IP-CLOUD_SHELL_USERB`
191 | 
192 | # Getting oauth token on a running instance of a google cloud shell
193 | 
194 | If you want an oauth token while logged in your google cloud shell, you can run the following command:
195 | ```
196 | gcloud auth application-default print-access-token
197 | ```
198 | 
199 | # Change location and zone of the google cloud shell
200 | 
201 | If you want that your google cloud shell starts to a different country, then you have to edit your torrc file adding something among this:
202 | 
203 | ```
204 | ExitNodes {Country}
205 | 
206 | ```
207 | 
208 | Where Country can be found at the following link:
209 | 
210 | ```
211 | https://www.iso.org/obp/ui/#search
212 | ```
213 | 
214 | the value Country you have to put in the torrc file is the Alpha2-code value in the link above. Remember to use a country that is not too far from your position otherwise you will have a connection timeout. after putting the line:
215 | 
216 | ```
217 | ExitNodes {Country}
218 | 
219 | ```
220 | save the torrc file and restart the tor service if you have it running:
221 | 
222 | ```
223 | 
224 | sudo service tor restart
225 | 
226 | ```
227 | 
228 | otherwise just start the tor service:
229 | 
230 | ```
231 | 
232 | sudo service tor start
233 | 
234 | ```
235 | 
236 | to run the google cloud shell you have three choices:
237 | 
238 | * running with gcloud-cli using proxychains => ` proxychains gcloud cloud-shell ssh --authorize-session`
239 | * using postman and setting in postman the tor proxy
240 | * accessing to the google cloud shell webpage with your web browser (remember to set the proxy to http proxy => socks => localhost and port 9050)
241 | 
242 | 
243 | # Use the google cloud shell as proxy
244 | 
245 | If you want to use your google cloud shell instance as proxy you need to run the following commands (or insert them in the .bashrc file):
246 | 
247 | ```
248 | sudo apt install -y squid
249 | ```
250 | Just for let you know Squid is a http proxy server. Create a **squid.conf** file with the following settings:
251 | 
252 | ```
253 | http_port 3128
254 | cache_dir /var/cache/squid 100 16 256
255 | acl all src 0.0.0.0/0
256 | http_access allow all
257 | 
258 | ```
259 | 
260 | copy the **squid.conf** file to **/etc/squid**
261 | ```
262 | sudo cp squid.conf /etc/squid
263 | ```
264 | 
265 | Finally run the squid service:
266 | 
267 | ```
268 | sudo service squid start
269 | ```
270 | 
271 | Use ngrok to let the proxy be available from outside:
272 | ```
273 | ./ngrok tcp 3128
274 | ```
275 | After running copy the tcp:// url. If you want to run the proxy from a browser it is suggested to remove the tcp:// part and the port and put the port in the port field of your browser proxy settings (squid is a http proxy server).
276 | 
277 | For better use at startup the .bashrc file should have the following lines:
278 | 
279 | ```
280 | 
281 | sudo apt install -y squid
282 | sudo cp squid.conf /etc/squid/
283 | sudo service squid start
284 | cd ngrok;./ngrok tcp 3128
285 | 
286 | ```
287 | 
288 | # Running another operative system at the login in the google cloud shell
289 | 
290 | If you want to run another operative system instead of debian, you can try to create an operative system container. Create in your home folder a path like:
291 | ```
292 | /home/your_google_account_name/your_favourite_operative_system
293 | ```
294 | In the **your_favourite_operative_system** folder create a root folder:
295 | ```
296 | mkdir root
297 | ```
298 | Always in this directory (/home/your_google_account_name/your_favourite_operative_system), create a docker-compose.yml with the following informations:
299 | ```
300 | version: '3.6'
301 | services:
302 |   kali:
303 |     image: "ubuntu" # you can try other operative system such as alpine kali arch and so on
304 |     tty: true
305 |     stdin_open: true
306 |     command: bash # if alpine or unknown operative system use sh
307 |     volumes:
308 |       - "/home/your_google_account_name/your_favourite_operative_system/root:/root"
309 | ```
310 | Before editing the **.bashrc** file, run:
311 | ```
312 | docker-compose up -d
313 | ```
314 | then check the name of the container:
315 | ```
316 | docker ps -a
317 | ```
318 | At the column NAME save somewhere the name of the container. After this check, go to your home folder and edit the **.bashrc** file appending the following line of code:
319 | 
320 | ```
321 | cd /home/your_google_account_name/your_favourite_operative_system; docker-compose up -d && docker start -i your_container_name
322 | ```
323 | 
324 | Wait for the current google cloud shell to end and start a new one. On boot, you will have a running instance of your favourite system, but you will lose all your installed apps on the container.
325 | 
326 | 
327 | # Using the postgres database
328 | 
329 | In the cloud shell run these commands:
330 | 
331 | ```
332 | sudo service postgresql start 
333 | sudo su
334 | su postgres
335 | psql
336 | 
337 | ```
338 | 
339 | At the first command you start the postgresql database service, and then you need to be the postgresql user so you use the su command and finally launching psql you have the interactive shell for postgresql. 
340 | 
341 | # Autorun the Google Cloud shell at login
342 | 
343 | In the Google Cloud shell session edit in your home folder the .bashrc file. At the end of the file write the commands you want to run at login, then save and close the files. At a new login the cloud shell will run the commands you have written in the .bashrc file.
344 | 
345 | # Containers stored locally in google cloud shell 
346 | 
347 | If you're using the docker you will see that, after the session is over you will lose all the content in your containers. There are two possible solutions:
348 | 
349 | * using volumes
350 | * export and import of the container
351 | 
352 | In this paragraph we will discuss about how to export and import a container. Start with pulling a container such as ubuntu:
353 | `docker pull ubuntu`
354 | 
355 | Run the container by doing:
356 | `docker run --name=ubuntu -i -t ubuntu /bin/bash`
357 | 
358 | exit from the shell container, and run the following command:
359 | `docker export -o ubuntu_container.tar`
360 | 
361 | this command will create a tar archive with all the content in the container. Doing that remove the ubuntu image:
362 | `docker rmi ubuntu'
363 | 
364 | Now load your container instance:
365 | `docker import ubuntu_container.tar ubuntu_mycontainer:latest`
366 | 
367 | In the import command is important to pass as argument:
368 | * the tar archive where all the informations of the container is stored
369 | * the name to give to the imported container and the tag (usually should be latest)
370 | 
371 | To check if the container has been imported, run again **docker images**, it should have the new name you gave to the imported container.
372 | Run your new container by doing:
373 | `docker run --name=mypersonalcontainer -i -t ubuntu_mycontainer:latest /bin/bash`
374 | 
375 | This command would run your container with the informations you have inside it
376 | 
377 | 
378 | ## Persistent postgresql data
379 | If you want to persist your data in your google cloud shell, you need to do the following:
380 | * create a directory in your home folder
381 | * `mv /var/lib/postgres/15/main /home/your_google_account/database/` 
382 | * edit the following file **/etc/postgresql/15/main/postgresql.conf** and at the voice **data-directory** add the path **/home/your_google_account/database/**
383 | * start the postgresql service with `sudo service postgres start` if everything is ok postgresql will be up and running
384 | 
385 | When a new instance of the google cloud is running, you only need to edit the file **/etc/postgresql/15/main/postgresql.conf** and edit the **data-directory** voice
386 | 
387 | ## Enabling systemctl on google cloud shell
388 | Since the instance of the google cloud shell works on a docker container, systemctl is not enabled. It is suggested to build a docker image as follow:
389 | ```
390 | from ubuntu
391 | 
392 | run apt update && apt install -y systemd systemd-sysv sudo
393 | run useradd -ms /bin/bash myuser
394 | run echo 'myuser:password' | chpasswd 
395 | run usermod -aG sudo myuser
396 |  
397 | cmd ["/lib/systemd/systemd"]
398 | 
399 | ```
400 | 
401 | after saving the dockerfile run the following command:
402 | `docker build -t mysubsystem .`
403 | 
404 | wait for the complete build.
405 | 
406 | After the build has done, run the docker run command:
407 | `docker run --privileged --name=mysubsystem-container -i -t mysubsystem`
408 | 
409 | Docker will run the container, and it will present you the ubuntu login screen. At the login credentials enter the credentials you wrote in the dockerfile and then you will have a linux container with systemctl enabled. If you want to exit from the container run the **shutdown** command:
410 | `sudo shutdown now`
411 | 
412 | ## Cockpit interface on google cloud shell
413 | 
414 | if you want to manage the google cloud shell through cockpit as prerequisite you need to read the previous paragrah about how to install systemctl on google cloud shell. When you have installed the container in which there is systemctl run this procedure:
415 | 
416 | ```
417 | 
418 | sudo apt update
419 | sudo apt install -y cockpit wget
420 | 
421 | mkdir ngrok
422 | cd ngrok
423 | 
424 | sudo systemctl start cockpit
425 | 
426 | wget https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-amd64.tgz
427 | tar -xzvf ngrok-v3-stable-linux-amd64.tgz
428 | rm ngrok-v3-stable-linux-amd64.tgz
429 | 
430 | ```
431 | 
432 | then go to your ngrok account and copy your authentication token. You can find it in the ngrok account page at the voice **getting started -> setup and installation**. In that page you can find an instruction like the following:
433 | 
434 | `ngrok config add-authtoken` 
435 | 
436 | and there will be near this instruction your authentication token. Paste all the instruction into the terminal where the google cloud shell is running like this:
437 | 
438 | `./ngrok config add-authtoken YOUR_AUTH_TOKEN`
439 | 
440 | Now you only need to run ngrok:
441 | 
442 | `./ngrok tcp 9090`
443 | 
444 | There should be an url like the following: **tcp://0.tcp.eu.ngrok.io:10230**, please copy the address after tcp:// and paste in your browser. As you reach the webpage, enter as credentials the credentials in your linux container.
445 | 
446 | ## Connect external drives to google cloud shell
447 | 
448 | If you want to add your drives to the google cloudshell you need the following requirements:
449 | 
450 | * sshfs
451 | * ngrok
452 | * (optional) if you have other mass storage such as microsd or hard-drives use a hdd docking station
453 | 
454 | first on your system install openssh-server if you don't have it:
455 | `sudo apt intall openssh-server -y`
456 | 
457 | After the installation on your local machine run the ssh service:
458 | `sudo service ssh start`
459 | 
460 | Then with ngrok listen on port 22:
461 | `./ngrok tcp 22`
462 | 
463 | On your google cloud shell install sshfs:
464 | `sudo apt install -y sshfs`
465 | 
466 | After installing it, always in your google cloud shell run the following command line command:
467 | `sshfs -p NGROK_PORT USER@NGROK_TCP_ADDRESS:LOCAL_PATH PATH_GOOGLE_CLOUD_SHELL`
468 | 
469 | where:
470 | * NGROK_PORT is the port ngrok gives on your local machine
471 | * USER is your user in your local machine
472 | * NGROK_TCP_ADDRESS is the address that ngrok gives you
473 | * LOCAL_PATH is the path where you have locally your mass storage device
474 | * PATH_GOOGLE_CLOUD_SHELL is the path where do you want that your local storage device must be mount on the google cloud shell
475 | 
476 | After that if you are already in the folder where the device has to be mount, go back one directory and then go back to your mount folder. When you are done you can unmount the device on your google cloud shell by doing the following:
477 | 
478 | `umount PATH_GOOGLE_CLOUD_SHELL`
479 | 
480 | Remember that PATH_GOOGLE_CLOUD_SHELL is the path where do you want that your local storage device must be mount on the google cloud shell.
481 | 
482 | ## Connecting using rdp on Google cloud shell
483 | 
484 | If you have windows remote desktop and you want to connect to the Google cloud shell, you have to do the following steps:
485 | * Run `sudo apt install -y xrdp dbus-x11 xfce4 xfce4-goodies`
486 | * Start xrdp service: `sudo service xrdp start`
487 | * Create and user and give him a password: `adduser dev`
488 | * Assign the user to the sudo group: `usermod -aG sudo dev`
489 | * Start ngork: `ngrok tcp 3389`
490 | * Copy the address and port after the tcp://
491 | * Open the remote desktop app for windows and connect
492 | * Login with the user created at the third point and you have your Google cloud shell environment on rdp
493 | 
494 | ## Windows Server on Google
495 | 
496 | As prerequisite you have to add in your google drive a qcow image of your windows server, also you have to follow the steps of the previous paragraph.
497 | Then you have to install qemu:
498 | 
499 | `sudo apt install -y qemu-system-x86`
500 | 
501 | After that install firefox:
502 | 
503 | `sudo apt install firefox-esr`
504 | 
505 | On firefox, change the download location to **/root** and then go to **google.com** and log in as your google user, then, go to your google drive and download the qcow image of windows server. After downloading go to /root and type the following command:
506 | 
507 | `qemu-system-x86_64 -img windowserver.qcow -m 4096 -boot c`
508 | 
509 | ## Removing bloat from google cloud shell
510 | 
511 | If you want to remove bloating software from your google cloud shell download the file in this repository called **remove-bloat.sh**. If you want to have always free space on your google cloud instance, write the **bash.rc** file in your google cloud home folder and write:
512 | `chmod +x remove-bloat.sh; ./remove-bloat.sh`
513 | 
514 | At the next google cloud startup instance it would took some minutes until the removing procedure is done.
515 | 
516 | ## Using dbeaver on a google cloud shell server
517 | 
518 | If you want to connect with dbeaver with the postgres database you need to do the follow:
519 | 
520 | * start the postgres service
521 | * let ngrok listen to the port 5432 by running it as a tcp connection: `ngrok tcp 5432`
522 | * copy the url and port and past it somewhere
523 | * open a new instance of google cloud shell with the tmux and elevate privileges as root by doing sudo su and then go as postgres user by doing su postgres
524 | * connect to the database doing psql -u postgres
525 | * connect to the default postgres database by doing \c
526 | * change the default credentials of postgres by doing: `alter user postgres password mysupersecurepassword`
527 | * open dbeaver and create a postgresql connection
528 | * as the voice host choose the ngrok hostname (something like 0.tcp.eu.ngrok.io) and the relative port
529 | * insert the credentials you have edit before with the alter user command
530 | * test the connection. If everything goes well a message box will alert that the connection works
531 | 
532 | ## Gitlab on google cloud shell
533 | 
534 | To install Gitlab on google cloud shell you first need to edit your .bashrc file appending the following lines:
535 | 
536 | ```
537 | export GITLAB_HOME =/home/your_google_account_username/your_gitlab_folder
538 | cd /home/your_google_account_username/your_gitlab_folder; docker-compose --force-recreate up -d
539 | /home/your_google_account_username/ngrok/./ngrok http 80
540 | 
541 | ```
542 | 
543 | After editing the file .bashrc, go to the your_gitlab_folder folder and make the following folders:
544 | 
545 | * config
546 | * logs
547 | * data
548 | 
549 | in this your_gitlab_folder folder, create a docker-compose.yml file and add these lines:
550 | 
551 | ```
552 | version: '3.6'
553 | services:
554 |   web:
555 |     image: 'gitlab/gitlab-ce:latest'
556 |     restart: always
557 |     hostname: 'localhost'
558 |     ports:
559 |       - '80:80'
560 |       - '443:443'
561 |     volumes:
562 |       - '$GITLAB_HOME/config:/etc/gitlab'
563 |       - '$GITLAB_HOME/logs:/var/log/gitlab'
564 |       - '$GITLAB_HOME/data:/var/opt/gitlab'
565 |     shm_size: '256m'
566 | 
567 | ```
568 | 
569 | Save the file. Exit from the google cloud shell instance and start a new one. When a new google cloud shell sessions starts a gitlab docker instance will start. It may take 4 to 7 minutes for the container to boot. When done copy and paste the ngrok http link to visit the web interface of your gitlab instance.
570 | 
571 | NOTE: at first installation on gitlab it may be required to insert a root password. To find it first run `docker ps -a` and search the name of the container. Then run: `docker exec name_of_the_container cat /etc/gitlab/initial_root_password` after the output of the cat command paste in the web login interface and log in.
572 | 
573 | ## Scheduling on google cloud shell
574 | 
575 | Since scheduling is not enabled on google cloud shell, it is possible to use a java program to do that. First write/copy the following code in a file called **TimerScheduler.java** :
576 | 
577 | ```
578 | 
579 | import java.util.Timer;
580 | import java.util.TimerTask;
581 | 
582 | public class TimerScheduler {
583 | 
584 |     public static void main(String[] args) {
585 |         Timer timer = new Timer();
586 | 
587 |         // Schedule a task to run every 1 second
588 |         timer.scheduleAtFixedRate(new TimerTask() {
589 |             @Override
590 |             public void run() {
591 |                 System.out.println("Hello, World!");
592 |             }
593 |         }, 0, 1000);
594 | 
595 |         // Allow the scheduler to run for 10 seconds
596 |         try {
597 |             Thread.sleep(10000);
598 |         } catch (InterruptedException e) {
599 |             e.printStackTrace();
600 |         }
601 | 
602 |         // Cancel the timer
603 |         timer.cancel();
604 |     }
605 | }
606 | 
607 | ```
608 | 
609 | Then to compile it run:
610 | 
611 | ```
612 | 
613 | javac TimerScheduler.java
614 | 
615 | ```
616 | 
617 | to run it type:
618 | 
619 | ```
620 | 
621 | java TimerScheduler
622 | 
623 | ```
624 | 
625 | it will run the java program but print at output **Hello world!**. For a different logic, you have to develop in java your scheduling job logic, for example:
626 | 
627 | * checking an ip
628 | * run a program each n seconds
629 | * download a script
630 | 
631 | And so on.
632 | 
633 | ## Restarting the google cloud shell without using the gui
634 | 
635 | If you have to restart the google cloud shell due to misconfigurations or server problems, you can restart the google cloud shell instance by enabling the password authentication to the ssh deamon. Edit the sshd config file:
636 | 
637 | ```
638 | 
639 | sudo vim /etc/ssh/sshd_config
640 | 
641 | ```
642 | 
643 | search for **PasswordAuthentication** and replace no with yes then save and quit with vim. Then create a user in linux and after the creation connect locally to your google cloud shell instance:
644 | 
645 | ```
646 | 
647 | ssh myuser@localhost
648 | 
649 | ```
650 | 
651 | Insert the password, and then exit from the ssh session. The google cloud shell will restart by itself.
652 | 
653 | 
654 | ## Putting the public key manually on a running google cloud shell instance
655 | 
656 | If you have a running instance of a google cloud shell, and you want to connect in ssh with your terminal, follow these steps:
657 | 
658 | * Create a ssh keypair:
659 | 
660 | ```
661 | 
662 | ssh-keygen -t rsa
663 | 
664 | ```
665 | * Copy the content of the public key (usually id_rsa.pub) the content to the authorized_key file and after reopen the authorized_keys files and remove the host near your public key hash:
666 | 
667 | ```
668 | 
669 | sudo cat id_rsa.pub >> /home/yourgoogleaccount/.ssh/authorized_keys
670 | sudo cat id_rsa.pub >> /etc/ssh/keys/authorized_keys
671 | 
672 | ```
673 | 
674 | ```
675 | Content of the authorized_keys file at the bottom:
676 | 
677 | ssh-rsa 1asdafnkjnkfas...<SNIP>...a google-ic2-shell #google-ic2-shell has to be removed
678 | 
679 | ```
680 | 
681 | 
682 | 
683 | 
684 | * Restart the ssh service:
685 | 
686 | ```
687 | 
688 | sudo service ssh restart
689 | 
690 | ```
691 | 
692 | * Search for the google cloud shell public ip:
693 | 
694 | ```
695 | curl ifconfig.me
696 | 
697 | ```
698 | 
699 | * Copy the content of the private key to your local computer and connect to the google cloud shell ssh server:
700 | 
701 | ```
702 | 
703 | ssh -i id_rsa -p 6000 yourgoogleaccount@ip-google-cloud-shell
704 | 
705 | ```
706 | 
707 | ## Alternative to ngrok (Poor man's ngrok)
708 | 
709 | Since the new version of ngrok with the free tier has a traffic of 1 GB in and out, you can recreate ngrok's functionality using ssh port forwarding.
710 | 
711 | * Create a vps on linode (Suggested the following one: Shared CPU, 512 MB ram) near your google cloud shell instance so that the network traffic is not slow
712 | * Connect to the vps
713 | * Go to /etc/ssh/sshd_config:
714 | 
715 |   ```
716 |   sudo vim /etc/ssh/sshd_config
717 |   
718 |   ``` 
719 | * Uncomment the voice **GatewayPorts** and set it to yes
720 | * Restart the ssh service on the vps
721 |   
722 |   ```
723 | 
724 |   sudo service ssh restart
725 | 
726 |   ```
727 | * Go to your google cloud shell instance and run the following command:
728 |   ```
729 | 
730 |   ssh -R <remote_port>:localhost:<port_where_the_program_is_listening_on_the_google_cloud_shell> root@ip-vps
731 | 
732 |   ```
733 | * Connect to the vps with the assigned remote port
734 | 
735 | For Clarification the remote port is the port in which the vps listen to the traffic generated in outbound by the google cloud shell
736 | 
737 | 
738 | # Getting http hostname
739 | If you want to host on the google cloud server a http server or a web application that listens on a specific port, and you want to use the hostname with a NS dns record you have to follow the following steps:
740 | * Start your google cloud shell
741 | * Press on the button web preview
742 | * Preview on port 8080
743 | * the browser should redirect to an url like:
744 |   ```
745 |   https://8080-cs-12345678-default.cs-europe-west1-iuzs.cloudshell.dev/?authuser=0&redirectedPreviously=true
746 | 
747 |   ```
748 | * Now run an http application on a port different than 8080
749 | * From the URL :
750 | ```
751 | https://8080-cs-12345678-default.cs-europe-west1-iuzs.cloudshell.dev/?authuser=0&redirectedPreviously=true
752 | ```
753 | Replace 8080 with the number of the port where the web application is listening
754 | * now you should be enable to see your web applicaton
755 | 
756 | ## Extra
757 | From the url that the google cloud shell gave you, you can assign with cloudflare an address dns record type.
758 | 
759 | 


--------------------------------------------------------------------------------
/cludshell.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/FrancescoDiSalesGithub/Google-cloud-shell-hacking/7ef39314504641f8395129c84b36b923ef9a7b0a/cludshell.jpeg


--------------------------------------------------------------------------------
/pp_my_qrcode_tip_only_1696585257001.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/FrancescoDiSalesGithub/Google-cloud-shell-hacking/7ef39314504641f8395129c84b36b923ef9a7b0a/pp_my_qrcode_tip_only_1696585257001.jpg


--------------------------------------------------------------------------------
/remove-bloat.sh:
--------------------------------------------------------------------------------
  1 | sudo apt purge -y aspnetcore-runtime-2.1 
  2 | sudo apt purge -y aspnetcore-runtime-3.1 
  3 | sudo apt purge -y aspnetcore-runtime-5.0 
  4 | sudo apt purge -y aspnetcore-runtime-6.0 
  5 | sudo apt purge -y aspnetcore-targeting-pack-3.1
  6 | sudo apt purge -y aspnetcore-targeting-pack-5.0
  7 | sudo apt purge -y aspnetcore-targeting-pack-6.0
  8 | sudo apt purge -y cpp-10 
  9 | sudo apt purge -y cpp 
 10 | sudo apt purge -y curl
 11 | sudo apt purge -y dnsmasq-base
 12 | sudo apt purge -y dnsutils-security
 13 | sudo apt purge -y docker-buildx-plugin
 14 | sudo apt purge -y docker-ce-cli 
 15 | sudo apt purge -y docker-ce-rootless-extras 
 16 | sudo apt purge -y docker-ce 
 17 | sudo apt purge -y docker-compose-plugin 
 18 | sudo apt purge -y dotnet-apphost-pack-3.1 
 19 | sudo apt purge -y dotnet-apphost-pack-5.0 
 20 | sudo apt purge -y dotnet-apphost-pack-6.0 
 21 | sudo apt purge -y dotnet-host  
 22 | sudo apt purge -y dotnet-hostfxr-2.1 
 23 | sudo apt purge -y dotnet-hostfxr-3.1 
 24 | sudo apt purge -y dotnet-hostfxr-5.0 
 25 | sudo apt purge -y dotnet-hostfxr-6.0 
 26 | sudo apt purge -y dotnet-runtime-2.1 
 27 | sudo apt purge -y dotnet-runtime-3.1 
 28 | sudo apt purge -y dotnet-runtime-5.0 
 29 | sudo apt purge -y dotnet-runtime-6.0 
 30 | sudo apt purge -y dotnet-runtime-deps-2.1
 31 | sudo apt purge -y dotnet-runtime-deps-3.1
 32 | sudo apt purge -y dotnet-runtime-deps-5.0
 33 | sudo apt purge -y dotnet-runtime-deps-6.0
 34 | sudo apt purge -y dotnet-sdk-6.0 
 35 | sudo apt purge -y dotnet-targeting-pack-3.1 
 36 | sudo apt purge -y dotnet-targeting-pack-5.0 
 37 | sudo apt purge -y dotnet-targeting-pack-6.0 
 38 | sudo apt purge -y emacs-bin-common-security 
 39 | sudo apt purge -y emacs-common-security 
 40 | sudo apt purge -y emacs-nox-security 
 41 | sudo apt purge -y emacsen-common 
 42 | sudo apt purge -y g++-10   
 43 | sudo apt purge -y g++ 
 44 | sudo apt purge -y gcc-10-base 
 45 | sudo apt purge -y gcc-10   
 46 | sudo apt purge -y gcc-9-base
 47 | sudo apt purge -y gcc 
 48 | sudo apt purge -y gcsfuse
 49 | sudo apt purge -y gdb 
 50 | sudo apt purge -y git
 51 | sudo apt purge -y gnupg-l10n 
 52 | sudo apt purge -y gnupg-utils 
 53 | sudo apt purge -y gnupg2 
 54 | sudo apt purge -y gnupg 
 55 | sudo apt purge -y google-cloud-sdk-app-engine-go
 56 | sudo apt purge -y google-cloud-sdk-app-engine-java
 57 | sudo apt purge -y google-cloud-sdk-app-engine-python-extras
 58 | sudo apt purge -y google-cloud-sdk-app-engine-python
 59 | sudo apt purge -y google-cloud-sdk-bigtable-emulator
 60 | sudo apt purge -y google-cloud-sdk-cbt
 61 | sudo apt purge -y google-cloud-sdk-cloud-build-local
 62 | sudo apt purge -y google-cloud-sdk-cloud-run-proxy
 63 | sudo apt purge -y google-cloud-sdk-datastore-emulator
 64 | sudo apt purge -y google-cloud-sdk-gke-gcloud-auth-plugin
 65 | sudo apt purge -y google-cloud-sdk-kpt
 66 | sudo apt purge -y google-cloud-sdk-local-extract
 67 | sudo apt purge -y google-cloud-sdk-minikube
 68 | sudo apt purge -y google-cloud-sdk-nomos
 69 | sudo apt purge -y google-cloud-sdk-package-go-module
 70 | sudo apt purge -y google-cloud-sdk-pubsub-emulator
 71 | sudo apt purge -y google-cloud-sdk-skaffold
 72 | sudo apt purge -y google-cloud-sdk
 73 | sudo apt purge -y gpg-agent
 74 | sudo apt purge -y gpg-wks-client
 75 | sudo apt purge -y gpg-wks-server
 76 | sudo apt purge -y gpg 
 77 | sudo apt purge -y gpgconf 
 78 | sudo apt purge -y gpgsm 
 79 | sudo apt purge -y gpgv 
 80 | sudo apt purge -y graphviz 2.42.2-5  
 81 | sudo apt purge -y grep 3.6-1+deb11u1  
 82 | sudo apt purge -y kubectl
 83 | sudo apt purge -y lxc 1:4.0.6-2+deb11u2  
 84 | sudo apt purge -y lynx-common 
 85 | sudo apt purge -y lynx 
 86 | sudo apt purge -y m4 
 87 | sudo apt purge -y mailcap
 88 | sudo apt purge -y make 
 89 | sudo apt purge -y mercurial-common 
 90 | sudo apt purge -y mercurial 
 91 | sudo apt purge -y mysql-apt-config
 92 | sudo apt purge -y mysql-client
 93 | sudo apt purge -y mysql-common
 94 | sudo apt purge -y mysql-community-client-core
 95 | sudo apt purge -y mysql-community-client-plugins
 96 | sudo apt purge -y mysql-community-client
 97 | sudo apt purge -y openjdk-11-jdk-headless
 98 | sudo apt purge -y openjdk-11-jdk
 99 | sudo apt purge -y openjdk-11-jre-headless
100 | sudo apt purge -y openjdk-11-jre
101 | sudo apt purge -y openjdk-17-jdk-headless-security  
102 | sudo apt purge -y openjdk-17-jdk-security  
103 | sudo apt purge -y openjdk-17-jre-headless-security  
104 | sudo apt purge -y openjdk-17-jre-security  
105 | sudo apt purge -y perl-base 
106 | sudo apt purge -y perl-modules-5.32 
107 | sudo apt purge -y perl 
108 | sudo apt purge -y php-common 
109 | sudo apt purge -y php-pear 
110 | sudo apt purge -y php7.4-bcmath 
111 | sudo apt purge -y php7.4-cgi 
112 | sudo apt purge -y php7.4-cli 
113 | sudo apt purge -y php7.4-common 
114 | sudo apt purge -y php7.4-dev 
115 | sudo apt purge -y php7.4-json 
116 | sudo apt purge -y php7.4-mbstring 
117 | sudo apt purge -y php7.4-mysql 
118 | sudo apt purge -y php7.4-opcache 
119 | sudo apt purge -y php7.4-readline 
120 | sudo apt purge -y php7.4-xml 
121 | sudo apt purge -y postgresql-15-pgdg 
122 | sudo apt purge -y postgresql-client-15-pgdg 
123 | sudo apt purge -y postgresql-client-common-pgdg 
124 | sudo apt purge -y postgresql-client-pgdg 
125 | sudo apt purge -y postgresql-common-pgdg 
126 | sudo apt purge -y postgresql-pgdg 
127 | sudo apt purge -y powershell 
128 | sudo apt purge -y python-apt-common 
129 | sudo apt purge -y python-pip-whl 
130 | sudo apt purge -y python-pkg-resources 
131 | sudo apt purge -y python-setuptools 
132 | sudo apt purge -y python2-minimal 
133 | sudo apt purge -y python2.7-dev 
134 | sudo apt purge -y python2.7-minimal 
135 | sudo apt purge -y python2.7 
136 | sudo apt purge -y python2 
137 | sudo apt purge -y python3-apt 
138 | sudo apt purge -y python3-dbus 
139 | sudo apt purge -y python3-distutils 
140 | sudo apt purge -y python3-gi 
141 | sudo apt purge -y python3-lib2to3 
142 | sudo apt purge -y python3-minimal 
143 | sudo apt purge -y python3-pip 
144 | sudo apt purge -y python3-pkg-resources
145 | sudo apt purge -y python3-pycurl 
146 | sudo apt purge -y python3-setuptools
147 | sudo apt purge -y python3-software-properties
148 | sudo apt purge -y python3-venv 
149 | sudo apt purge -y python3-wheel 
150 | sudo apt purge -y python3.9-dev 
151 | sudo apt purge -y python3.9-minimal 
152 | sudo apt purge -y python3.9-venv 
153 | sudo apt purge -y python3.9 
154 | sudo apt purge -y python3 
155 | sudo apt purge -y qemu-user-static
156 | sudo apt purge -y qemu-user
157 | sudo apt purge -y ruby-dev 
158 | sudo apt purge -y ruby-minitest 
159 | sudo apt purge -y ruby-net-telnet 
160 | sudo apt purge -y ruby-power-assert 
161 | sudo apt purge -y ruby-rubygems 
162 | sudo apt purge -y ruby-test-unit 
163 | sudo apt purge -y ruby-xmlrpc 
164 | sudo apt purge -y ruby2.7-dev 
165 | sudo apt purge -y ruby2.7 
166 | sudo apt purge -y ruby 
167 | sudo apt purge -y rubygems-integration 
168 | sudo apt purge -y sqlite3   
169 | sudo apt purge -y telnet 
170 | 


--------------------------------------------------------------------------------