gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-08 03:10:49 -08:00
Code Issues Packages Projects Releases Wiki Activity

Migrate to using mdbook

Browse Source
This commit is contained in:
Congon4tor
2024-12-31 17:04:35 +01:00
parent b9a9fed802
commit cd27cf5a2e
1373 changed files with 26143 additions and 34152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
src/pentesting-cloud/azure-security/az-enumeration-tools.md Normal file
View File

@@ -0,0 +1,149 @@
# Az - Enumeration Tools
{{#include ../../banners/hacktricks-training.md}}
## Install PowerShell in Linux
> [!TIP]
> In linux you will need to install PowerShell Core:
>
> ```bash
> sudo apt-get update
> sudo apt-get install -y wget apt-transport-https software-properties-common
>
> # Ubuntu 20.04
> wget -q https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb
>
> # Update repos
> sudo apt-get update
> sudo add-apt-repository universe
>
> # Install & start powershell
> sudo apt-get install -y powershell
> pwsh
>
> # Az cli
> curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
> ```
## Install PowerShell in MacOS
Instructions from the [**documentation**](https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-macos?view=powershell-7.4):
1. Install `brew` if not installed yet:
```bash
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
```
2. Install the latest stable release of PowerShell:
```sh
brew install powershell/tap/powershell
```
3. Run PowerShell:
```sh
pwsh
```
4. Update:
```sh
brew update
brew upgrade powershell
```
## Main Enumeration Tools
### az cli
[**Azure Command-Line Interface (CLI)**](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli) is a cross-platform tool written in Python for managing and administering (most) Azure and Entra ID resources. It connects to Azure and executes administrative commands via the command line or scripts.
Follow this link for the [**installation instructions¡**](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli#install).
Commands in Azure CLI are structured using a pattern of: `az <service> <action> <parameters>`
#### Debug | MitM az cli
Using the parameter **`--debug`** it's possible to see all the requests the tool **`az`** is sending:
```bash
az account management-group list --output table --debug
```
In order to do a **MitM** to the tool and **check all the requests** it's sending manually you can do:
{{#tabs }}
{{#tab name="Bash" }}
```bash
export ADAL_PYTHON_SSL_NO_VERIFY=1
export AZURE_CLI_DISABLE_CONNECTION_VERIFICATION=1
export HTTPS_PROXY="http://127.0.0.1:8080"
export HTTP_PROXY="http://127.0.0.1:8080"
# If this is not enough
# Download the certificate from Burp and convert it into .pem format
# And export the following env variable
openssl x509 -in ~/Downloads/cacert.der -inform DER -out ~/Downloads/cacert.pem -outform PEM
export REQUESTS_CA_BUNDLE=/Users/user/Downloads/cacert.pem
```
{{#endtab }}
{{#tab name="PS" }}
```bash
$env:ADAL_PYTHON_SSL_NO_VERIFY=1
$env:AZURE_CLI_DISABLE_CONNECTION_VERIFICATION=1
$env:HTTPS_PROXY="http://127.0.0.1:8080"
$env:HTTP_PROXY="http://127.0.0.1:8080"
```
{{#endtab }}
{{#endtabs }}
### Az PowerShell
Azure PowerShell is a module with cmdlets for managing Azure resources directly from the PowerShell command line.
Follow this link for the [**installation instructions**](https://learn.microsoft.com/en-us/powershell/azure/install-azure-powershell).
Commands in Azure PowerShell AZ Module are structured like: `<Action>-Az<Service> <parameters>`
#### Debug | MitM Az PowerShell
Using the parameter **`-Debug`** it's possible to see all the requests the tool is sending:
```bash
Get-AzResourceGroup -Debug
```
In order to do a **MitM** to the tool and **check all the requests** it's sending manually you can set the env variables `HTTPS_PROXY` and `HTTP_PROXY` according to the [**docs**](https://learn.microsoft.com/en-us/powershell/azure/az-powershell-proxy).
### Microsoft Graph PowerShell
Microsoft Graph PowerShell is a cross-platform SDK that enables access to all Microsoft Graph APIs, including services like SharePoint, Exchange, and Outlook, using a single endpoint. It supports PowerShell 7+, modern authentication via MSAL, external identities, and advanced queries. With a focus on least privilege access, it ensures secure operations and receives regular updates to align with the latest Microsoft Graph API features.
Follow this link for the [**installation instructions**](https://learn.microsoft.com/en-us/powershell/microsoftgraph/installation).
Commands in Microsoft Graph PowerShell are structured like: `<Action>-Mg<Service> <parameters>`
#### Debug Microsoft Graph PowerShell
Using the parameter **`-Debug`** it's possible to see all the requests the tool is sending:
```bash
Get-MgUser -Debug
```
### ~~**AzureAD Powershell**~~
The Azure Active Directory (AD) module, now **deprecated**, is part of Azure PowerShell for managing Azure AD resources. It provides cmdlets for tasks like managing users, groups, and application registrations in Entra ID.
> [!TIP]
> This is replaced by Microsoft Graph PowerShell
Follow this link for the [**installation instructions**](https://www.powershellgallery.com/packages/AzureAD).