This commit is contained in:
Carlos Polop
2025-01-05 23:48:40 +01:00
parent ad6c542f82
commit 009ef58e30
6 changed files with 176 additions and 3 deletions


@@ -5,8 +5,63 @@
## Static Web Apps Basic Information
Azure Static Web Apps is a cloud service for hosting **static web apps with automatic CI/CD from repositories like GitHub**. It offers global content delivery, serverless backends, and built-in HTTPS, making it secure and scalable. However, risks include misconfigured CORS, insufficient authentication, and content tampering, which can expose apps to attacks like XSS and data leakage if not properly managed.
- **Routes**: It's possible to change the routes of a static webapp by modifying the `staticwebapp.config.json` file. This file is located in the root of the repository and **contains the routes that the app will use**.
> [!TIP]
> When a Static App is created you can choose the **deployment authorization policy** between **Deployment token** and **GitHub Actions workflow**.
### Web App Authentication
It's possible to **configure a password** to access the Web App. The web console allows to configure it to protect only staging environments or both staging and the production one.
This is how at the time of writing a password protected web app looks like:
<figure><img src="../../../images/azure_static_password.png" alt=""><figcaption></figcaption></figure>
It's possible to see **if any password is being used** and which environments are protected with:
```bash
az rest --method GET \
--url "/subscriptions/<subscription-id>/resourceGroups/Resource_Group_1/providers/Microsoft.Web/staticSites/<app-name>/config/basicAuth?api-version=2024-04-01"
```
However, this **won't show the password in clear text**, just something like: `"password": "**********************"`.
### Routes
Routes define **how incoming HTTP requests are handled** within a static web app. Configured in the **`staticwebapp.config.json`** file, they control URL rewriting, redirections, access restrictions, and role-based authorization, ensuring proper resource handling and security.
Some example:
```json
{
"routes": [
{
"route": "/",
"rewrite": "/index.html"
},
{
"route": "/about",
"rewrite": "/about.html"
},
{
"route": "/api/*",
"allowedRoles": ["authenticated"]
},
{
"route": "/admin",
"redirect": "/login",
"statusCode": 302
}
],
"navigationFallback": {
"rewrite": "/index.html",
"exclude": ["/api/*", "/assets/*"]
}
}
```
## Enumeration
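Review bot: the `az rest` call in the Web App Authentication section mixes a placeholder with a hardcoded resource group, `/subscriptions/<subscription-id>/resourceGroups/Resource_Group_1/providers/Microsoft.Web/staticSites/<app-name>/...`; `Resource_Group_1` should be `<resource-group>` so readers do not paste a name that only exists in the author's test tenant. Two smaller points in the same hunk: `staticwebapp.config.json` is described twice (the **Routes** bullet under Basic Information and the later `### Routes` section), so the bullet could simply point at that section instead of repeating the explanation; and "Some example:" before the JSON block should read "An example:".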
@@ -41,6 +96,11 @@ az rest --method POST \
## Examples to generate Web Apps
You cna find a nice example to generate a web app in the following link: [https://learn.microsoft.com/en-us/azure/static-web-apps/get-started-portal?tabs=react&pivots=github](https://learn.microsoft.com/en-us/azure/static-web-apps/get-started-portal?tabs=react&pivots=github)
1. Fork the repository https://github.com/staticwebdev/react-basic/generate to your GitHub account and name it `my-first-static-web-app`
2. In the Azure portal create a Static Web App configuring the Github access and selecting th previously forked new repository
3. Create it, and wait some minutes, and check your new page!
## Post Exploitation
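Review bot: step 1 says to fork the repository, but the linked URL ends in `/generate`, which is GitHub's "use this template" endpoint that creates a new repository from the template rather than a fork; reword the step as "Generate a new repository from the template at https://github.com/staticwebdev/react-basic/generate ..." so it matches both the link and the linked Microsoft walkthrough. Typos in the same hunk: "You cna find" should be "You can find", and "selecting th previously forked new repository" should be "selecting the previously created repository" once step 1 is corrected.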

Binary file not shown.
