From 45b2e5e0a83a2aeaa29258c23b9fb151db951f34 Mon Sep 17 00:00:00 2001 From: SirBroccoli Date: Thu, 23 Oct 2025 14:05:23 +0200 Subject: [PATCH] Update az-front-door.md --- .../azure-security/az-services/az-front-door.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/pentesting-cloud/azure-security/az-services/az-front-door.md b/src/pentesting-cloud/azure-security/az-services/az-front-door.md index d11e71955..4c0a342a9 100644 --- a/src/pentesting-cloud/azure-security/az-services/az-front-door.md +++ b/src/pentesting-cloud/azure-security/az-services/az-front-door.md @@ -10,8 +10,6 @@ To bypass this rule automated tools can be used that **brute-force IP addresses* This is mentioned in the [Microsoft documentation](https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-configure-ip-restriction). ---- - ## Credential Skimming via WAF Custom Rules + Log Analytics Abuse Azure Front Door (AFD) WAF Custom Rules in combination with Log Analytics to capture cleartext credentials (or other secrets) traversing the WAF. This is not a CVE; it’s misuse of legitimate features by anyone who can modify the WAF policy and read its logs. 
@@ -80,13 +78,10 @@ The matched values appear in details_matches_s and include the cleartext values - An existing Azure Front Door instance. - Permissions to edit the AFD WAF policy and read the associated Log Analytics workspace. -### Impact -- High risk: An operator with WAF/Log access can silently harvest secrets at the trusted TLS termination point. - ## References - [https://trustedsec.com/blog/azures-front-door-waf-wtf-ip-restriction-bypass](https://trustedsec.com/blog/azures-front-door-waf-wtf-ip-restriction-bypass) - [Skimming Credentials with Azure's Front Door WAF](https://trustedsec.com/blog/skimming-credentials-with-azures-front-door-waf) - [Azure WAF on Front Door monitoring and logging](https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-monitor) -{{#include ../../../banners/hacktricks-training.md}} \ No newline at end of file +{{#include ../../../banners/hacktricks-training.md}}
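Review bot: In the first hunk, dropping the `---` horizontal rule before the `## Credential Skimming via WAF Custom Rules + Log Analytics` heading is fine for consistency with the rest of the file, which separates sections by headings alone, but the heading now follows the IP-restriction bypass paragraph with only one blank line, so check that the rendered page still makes clear these are two separate techniques (the first is an IP-restriction bypass, the second is the misuse of legitimate WAF custom rules plus Log Analytics by someone who can already modify the policy and read its logs).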
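Review bot: In the second hunk, removing the `### Impact` section deletes the page's only explicit statement of risk ("An operator with WAF/Log access can silently harvest secrets at the trusted TLS termination point"), and nothing in the remaining prerequisites bullets replaces it; if the goal is to avoid repeating the prerequisites, consider folding that sentence into the intro paragraph instead of dropping it, since it is the line a defender needs to justify monitoring changes to AFD WAF custom rules and read access to the Log Analytics workspace. Adding the missing trailing newline on the `{{#include ...}}` line is a good fix.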