gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-10 12:13:17 -08:00
Code Issues Packages Projects Releases Wiki Activity

Translated ['src/pentesting-cloud/azure-security/az-persistence/az-queue

Browse Source
This commit is contained in:
Translator
2025-02-20 00:54:51 +00:00
parent 4d60f68e4b
commit a548af231f
10 changed files with 64 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
src/pentesting-cloud/azure-security/az-services/az-queue.md Normal file
View File

@@ -0,0 +1,91 @@
# Az - Queue Storage
{{#include ../../../banners/hacktricks-training.md}}
## Informazioni di Base
Azure Queue Storage è un servizio nella piattaforma cloud Azure di Microsoft progettato per la messaggistica tra i componenti dell'applicazione, **abilitando la comunicazione asincrona e il disaccoppiamento**. Ti consente di memorizzare un numero illimitato di messaggi, ciascuno fino a 64 KB di dimensione, e supporta operazioni come la creazione e la cancellazione di code, l'aggiunta, il recupero, l'aggiornamento e la cancellazione di messaggi, oltre alla gestione dei metadati e delle politiche di accesso. Sebbene elabori tipicamente i messaggi in un ordine di tipo first-in-first-out (FIFO), non è garantito un FIFO rigoroso.
### Enumerazione
{{#tabs }}
{{#tab name="Az Cli" }}
```bash
# You need to know the --account-name of the storage (az storage account list)
az storage queue list --account-name <storage_account> # --auth-mode login
# Queue Metadata
az storage queue metadata show --name <queue_name> --account-name <storage_account> # --auth-mode login
#Get ACL
az storage queue policy list --queue-name <queue_name> --account-name <storage_account> # --auth-mode login
# Get Messages (getting a message deletes it)
az storage message get --queue-name <queue_name> --account-name <storage_account> # --auth-mode login
# Peek Messages
az storage message peek --queue-name <queue_name> --account-name <storage_account> # --auth-mode login
```
{{#endtab }}
{{#tab name="Az PS" }}
```bash
# Get the Storage Context
$storageAccount = Get-AzStorageAccount -ResourceGroupName QueueResourceGroup -Name queuestorageaccount1994
$ctx = $storageAccount.Context
# Set Variables for Storage Account
$storageAccountName = "queuestorageaccount"
# List Queues
Get-AzStorageQueue -Context $context
$queueName = "myqueue"
# Retrieve a specific queue
$queue = Get-AzStorageQueue -Name $queueName -Context $context
$queue # Show the properties of the queue
# Retrieve the access policies for the queue
$accessPolicies = Get-AzStorageQueueStoredAccessPolicy -Context $context -QueueName $queueName
$accessPolicies
# Peek Messages
$queueMessage = $queue.QueueClient.PeekMessage()
$queueMessage.Value
# Set the amount of time you want to entry to be invisible after read from the queue
# If it is not deleted by the end of this time, it will show up in the queue again
$visibilityTimeout = [System.TimeSpan]::FromSeconds(10)
# Read the messages from the queue, then show the contents of the messages.
$queueMessage = $queue.QueueClient.ReceiveMessages(1,$visibilityTimeout)
$queueMessage.Value
```
{{#endtab }}
{{#endtabs }}
### Escalation dei privilegi
{{#ref}}
../az-privilege-escalation/az-queue-privesc.md
{{#endref}}
### Post Sfruttamento
{{#ref}}
../az-post-exploitation/az-queue-post-exploitation.md
{{#endref}}
### Persistenza
{{#ref}}
../az-persistence/az-queue-persistance.md
{{#endref}}
## Riferimenti
- [https://learn.microsoft.com/en-us/azure/storage/queues/storage-powershell-how-to-use-queues](https://learn.microsoft.com/en-us/azure/storage/queues/storage-powershell-how-to-use-queues)
- [https://learn.microsoft.com/en-us/rest/api/storageservices/queue-service-rest-api](https://learn.microsoft.com/en-us/rest/api/storageservices/queue-service-rest-api)
- [https://learn.microsoft.com/en-us/azure/storage/queues/queues-auth-abac-attributes](https://learn.microsoft.com/en-us/azure/storage/queues/queues-auth-abac-attributes)
{{#include ../../../banners/hacktricks-training.md}}