From 15624388904387373d7337e2edb488c4d046d133 Mon Sep 17 00:00:00 2001
From: Reuben Sammut <reubensammut@gmail.com>
Date: Thu, 8 May 2025 21:26:25 +0200
Subject: [PATCH] Update az-automation-accounts-privesc.md

Change the webhook command to use the Powershell command `New-AzAutomationWebHook` which automatically generates the URI, as the command used in here used a URI generated by the Azure Portal
---
 .../az-automation-accounts-privesc.md         | 23 ++++---------------
 1 file changed, 5 insertions(+), 18 deletions(-)

diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.md
index 0804ebec1..18e12a440 100644
--- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.md
+++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.md
@@ -156,26 +156,13 @@ az rest --method PUT \
 
 With the permission **`Microsoft.Automation/automationAccounts/webhooks/write`** it's possible to create a new Webhook for a Runbook inside an Automation Account using the following command.
 
-Note that you will need to **indicate webhook URI** with the token to use.
+```bash
+New-AzAutomationWebHook -Name <webhook-name> -ResourceGroupName <res-group> -AutomationAccountName <automation-account-name> -RunbookName <runbook-name> -IsEnabled $true
+```
+
+This command should return a webhook URI which is only displayed on creation. Then, to call the runbook using the webhook URI
 
 ```bash
-az rest --method PUT \
---url "https://management.azure.com/subscriptions/<subscription-id>/resourceGroups/<res-group>/providers/Microsoft.Automation/automationAccounts/<automantion-account-name>/webhooks/<webhook-name>?api-version=2018-06-30" \
---body '{
-  "name": "<webhook-name>",
-  "properties": {
-    "isEnabled": true,
-    "expiryTime": "2026-01-09T20:03:30.291Z",
-    "parameters": {},
-    "runOn": null,
-    "runbook": {
-      "name": "<runbook-name>"
-    },
-    "uri": "https://f931b47b-18c8-45a2-9d6d-0211545d8c02.webhook.eus.azure-automation.net/webhooks?token=Ts5WmbKk0zcuA8PEUD4pr%2f6SM0NWydiCDqCqS1IdzIU%3d"
-  }
-}'
-
-# Then, to call the runbook using the webhook
 curl -X POST "https://f931b47b-18c8-45a2-9d6d-0211545d8c02.webhook.eus.azure-automation.net/webhooks?token=Ts5WmbKk0zcuA8PEUD4pr%2f6SM0NWydiCDqCqS1IdzIU%3d" \
   -H "Content-Length: 0"
 ```