gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-02-06 03:42:22 -08:00
Code Issues Packages Projects Releases Wiki Activity

Translated ['src/pentesting-cloud/azure-security/az-persistence/az-autom

Browse Source
This commit is contained in:
Translator
2025-02-17 18:21:38 +00:00
parent df5a20e9be
commit 4d81e00a8b
2 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/SUMMARY.md
View File

@@ -487,6 +487,7 @@
- [Az - SQL Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.md)
- [Az - Virtual Machines & Network Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.md)
- [Az - Persistence](pentesting-cloud/azure-security/az-persistence/README.md)
- [Az - Automation Accounts Persistence](pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.md)
- [Az - Cloud Shell Persistence](pentesting-cloud/azure-security/az-persistence/az-cloud-shell-persistence.md)
- [Az - Queue Storage Persistence](pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md)
- [Az - VMs Persistence](pentesting-cloud/azure-security/az-persistence/az-vms-persistence.md)

35
src/pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.md Normal file
View File

@@ -0,0 +1,35 @@
# Az - Automation Accounts Persistence
{{#include ../../../banners/hacktricks-training.md}}
## Storage Privesc
Kwa maelezo zaidi kuhusu Akaunti za Uendeshaji angalia:
{{#ref}}
../az-services/az-automation-accounts.md
{{#endref}}
### Backdoor existing runbook
Ikiwa mshambuliaji ana ufikiaji wa akaunti ya uendeshaji, anaweza **kuongeza backdoor** kwenye runbook iliyopo ili **kuhifadhi uthibitisho** na **kuhamasisha data** kama tokens kila wakati runbook inatekelezwa.
### Schedules & Webhooks
Unda au badilisha Runbook iliyopo na ongeza ratiba au webhook kwake. Hii itamruhusu mshambuliaji **kuhifadhi uthibitisho hata kama ufikiaji wa mazingira umepotea** kwa kutekeleza backdoor ambayo inaweza kuwa inavuja tokens kutoka MI kwa nyakati maalum au wakati wowote anapotaka kwa kutuma ombi kwa webhok.
### Malware inside a VM used in a hybrid worker group
Ikiwa VM inatumika kama kikundi cha wafanyakazi wa mchanganyiko, mshambuliaji anaweza **kusanidi malware** ndani ya VM ili **kuhifadhi uthibitisho** na **kuhamasisha data** kama tokens kwa utambulisho wa kusimamiwa uliotolewa kwa VM na kwa akaunti ya uendeshaji kwa kutumia VM.
### Custom environment packages
Ikiwa akaunti ya uendeshaji inatumia pakiti za kawaida katika mazingira maalum, mshambuliaji anaweza **kubadilisha pakiti** ili **kuhifadhi uthibitisho** na **kuhamasisha data** kama tokens. Hii pia itakuwa njia ya siri ya kuhifadhi uthibitisho kwani pakiti za kawaida zilizopakiwa kwa mikono mara nyingi hazikaguliwi kwa msimbo mbaya.
### Compromise external repos
Ikiwa akaunti ya uendeshaji inatumia repos za nje kuhifadhi msimbo kama Github, mshambuliaji anaweza **kudhoofisha repo** ili **kuhifadhi uthibitisho** na **kuhamasisha data** kama tokens. Hii ni ya kuvutia hasa ikiwa toleo la hivi karibuni la msimbo linasawazishwa kiotomatiki na runbook.
{{#include ../../../banners/hacktricks-training.md}}