From 0f7175eb985a0f45f246d5c15c56dffc024e7c62 Mon Sep 17 00:00:00 2001
From: Carlos Polop <carlospolop@gmail.com>
Date: Mon, 17 Feb 2025 19:25:37 +0100
Subject: [PATCH] fix

---
 .../az-servicebus-privesc.md                       |  4 ++--
 .../az-container-instances-apps-jobs.md            |  1 +
 .../az-services/az-servicebus-enum.md              | 14 +++++++-------
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md
index e73fd8cbb..c8ad2673c 100644
--- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md
+++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md
@@ -99,7 +99,7 @@ az servicebus namespace update --disable-local-auth false -n <namespace-name> --
 
 ### Send Messages with keys (Microsoft.ServiceBus/namespaces/authorizationRules/listkeys/action OR Microsoft.ServiceBus/namespaces/authorizationRules/regenerateKeys/action)
 
-You can retrieve the `PrimaryConnectionString`, which acts as a credential for the Service Bus namespace. With this connection string, you can fully authenticate as the Service Bus namespace, enabling you to send messages to any queue or topic and potentially interact with the system in ways that could disrupt operations, impersonate valid users, or inject malicious data into the messaging workflow. This method works if `--disable-local-auth` is set to false.
+You can retrieve the `PrimaryConnectionString`, which acts as a credential for the Service Bus namespace. With this connection string, you can fully authenticate as the Service Bus namespace, enabling you to send messages to any queue or topic and potentially interact with the system in ways that could disrupt operations, impersonate valid users, or inject malicious data into the messaging workflow. This method works if `--disable-local-auth` is set to false (so local auth is enabled).
 
 ```python
 import asyncio
@@ -252,7 +252,7 @@ from azure.servicebus.aio import ServiceBusClient
 from azure.servicebus import ServiceBusMessage
 
 NS = "<namespace>.servicebus.windows.net"  # Your namespace
-QUEUE_OR_TOPIC = "<QUEUE_OR_TOPIC>"                          # Your queue name
+QUEUE_OR_TOPIC = "<QUEUE_OR_TOPIC>"        # Your queue name
 
 async def run():
     credential = DefaultAzureCredential()
diff --git a/src/pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.md b/src/pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.md
index 4dfd453ab..81dba7519 100644
--- a/src/pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.md
@@ -117,3 +117,4 @@ az containerapp job start --name <job-name> --resource-group <res-group>
 {{#endref}}
 
 {{#include ../../../banners/hacktricks-training.md}}
+
diff --git a/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md b/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md
index d81800ba2..32c98cb71 100644
--- a/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md
@@ -39,6 +39,13 @@ Some advance features are:
 - **Duplicate Detection**: Removes duplicate messages during resends.
 - **Batch Deletion**: Bulk deletes expired or unnecessary messages.
 
+### Local Authentication
+
+The **`--disable-local-auth`** from az cli parameter is used to control whether **local authentication** (allowing the use of Shared Access Signature (SAS) keys) is enabled for your Service Bus namespace.
+
+   - When disable is set to **true**: Local authentication using SAS keys is disabled and Entrad ID authentication is allowed.
+   - When disable is set to **false (default)**: Both SAS local authentication and Entra ID authentication are available and you can use connection strings with SAS keys to access your Service Bus resources.
+
 ### Authorization-Rule / SAS Policy
 
 SAS Policies define the access permissions for Azure Service Bus entities namespace (Most Important One), queues and topics. Each policy has the following components:
@@ -53,13 +60,6 @@ SAS Policies define the access permissions for Azure Service Bus entities namesp
 
 It’s important to note that a namespace has a single SAS policy that affects every entity within it, while queues and topics can have their own individual SAS policies for more granular control.
 
-### "--disable-local-auth"
-
-The --disable-local-auth parameter is used to control whether local authentication (i.e. using Shared Access Signature (SAS) keys) is enabled for your Service Bus namespace. Here’s what you need to know:
-
-   - When set to true: Local authentication using SAS keys is disabled and azure Active Directory (Azure AD) authentication is allowed.
-   - When set to false:Both SAS (local) authentication and Azure AD authentication are available and you can use connection strings with SAS keys to access your Service Bus resources.
-
 ### Enumeration
 
 {{#tabs }}