From 8a488912e9a64eba0980075e44b488baffc6dcc3 Mon Sep 17 00:00:00 2001
From: Translator <github-actions@github.com>
Date: Sun, 26 Jan 2025 11:03:14 +0000
Subject: [PATCH] Translated
 ['src/pentesting-cloud/azure-security/az-unauthenticated-enum

---
 .../az-vms-unauth.md                          | 37 +++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.md

diff --git a/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.md b/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.md
new file mode 100644
index 000000000..c452167e9
--- /dev/null
+++ b/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.md
@@ -0,0 +1,37 @@
+# Az - VMs Unauth
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+## Máquinas Virtuais
+
+Para mais informações sobre Máquinas Virtuais do Azure, consulte:
+
+{{#ref}}
+../az-services/vms/
+{{#endref}}
+
+### Serviço vulnerável exposto
+
+Um serviço de rede que é vulnerável a algum RCE.
+
+### Imagens de Galeria Pública
+
+Uma imagem pública pode conter segredos dentro dela:
+```bash
+# List all community galleries
+az sig list-community --output table
+
+# Search by publisherUri
+az sig list-community --output json --query "[?communityMetadata.publisherUri=='https://3nets.io']"
+```
+### Extensões Públicas
+
+Isso seria mais estranho, mas não impossível. Uma grande empresa pode colocar uma extensão com dados sensíveis dentro dela:
+```bash
+# It takes some mins to run
+az vm extension image list --output table
+
+# Get extensions by publisher
+az vm extension image list --publisher "Site24x7" --output table
+```
+{{#include ../../../banners/hacktricks-training.md}}