gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-10 04:05:09 -08:00
Code Issues Packages Projects Releases Wiki Activity

azure automatic tools

Browse Source
This commit is contained in:
Carlos Polop
2025-01-21 18:15:39 +01:00
parent 0996afea1b
commit 64ab139a57
42 changed files with 390 additions and 368 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/pentesting-cloud/azure-security/az-services/az-sql.md
View File

@@ -169,7 +169,7 @@ az sql vm show --resource-group <res-grp> --name <name>
{{#tab name="Az PowerShell"}}
```powershell
```bash
# List Servers
Get-AzSqlServer -ResourceGroupName "<resource-group-name>"
@@ -214,7 +214,7 @@ Get-AzSqlVM
You could find a connection string (containing credentials) from example [enumerating an Az WebApp](az-app-services.md):
```powershell
```bash
function invoke-sql{
param($query)
$Connection_string = "Server=tcp:supercorp.database.windows.net,1433;Initial Catalog=flag;Persist Security Info=False;User ID=db_read;Password=gAegH!324fAG!#1fht;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;"
@@ -235,7 +235,7 @@ invoke-sql 'Select Distinct TABLE_NAME From information_schema.TABLES;'
You can also use sqlcmd to access the database. It is important to know if the server allows public connections `az sql server show --name <server-name> --resource-group <resource-group>`, and also if it the firewall rule let's our IP to access:
```powershell
```bash
sqlcmd -S <sql-server>.database.windows.net -U <server-user> -P <server-passworkd> -d <database>
```