gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-31 07:00:38 -08:00
Code Issues Packages Projects Releases Wiki Activity

Migrate to using mdbook

Browse Source
This commit is contained in:
Congon4tor
2024-12-31 17:04:35 +01:00
parent b9a9fed802
commit cd27cf5a2e
1373 changed files with 26143 additions and 34152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
src/pentesting-cloud/azure-security/az-services/az-queue-enum.md Normal file
View File

@@ -0,0 +1,95 @@
# Az - Queue Storage
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
Azure Queue Storage is a service in Microsoft's Azure cloud platform designed for message queuing between application components, **enabling asynchronous communication and decoupling**. It allows you to store an unlimited number of messages, each up to 64 KB in size, and supports operations such as creating and deleting queues, adding, retrieving, updating, and deleting messages, as well as managing metadata and access policies. While it typically processes messages in a first-in-first-out (FIFO) manner, strict FIFO is not guaranteed.
### Enumeration
{{#tabs }}
{{#tab name="Az Cli" }}
```bash
# You need to know the --account-name of the storage (az storage account list)
az storage queue list --account-name <storage_account>
# Queue Metadata
az storage queue metadata show --name <queue_name> --account-name <storage_account>
#Get ACL
az storage queue policy list --queue-name <queue_name> --account-name <storage_account>
# Get Messages (getting a message deletes it)
az storage message get --queue-name <queue_name> --account-name <storage_account>
# Peek Messages
az storage message peek --queue-name <queue_name> --account-name <storage_account>
```
{{#endtab }}
{{#tab name="Az PS" }}
```bash
# Get the Storage Context
$storageAccount = Get-AzStorageAccount -ResourceGroupName QueueResourceGroup -Name queuestorageaccount1994
$ctx = $storageAccount.Context
# Set Variables for Storage Account
$storageAccountName = "queuestorageaccount"
# List Queues
Get-AzStorageQueue -Context $context
$queueName = "myqueue"
# Retrieve a specific queue
$queue = Get-AzStorageQueue -Name $queueName -Context $context
$queue # Show the properties of the queue
# Retrieve the access policies for the queue
$accessPolicies = Get-AzStorageQueueStoredAccessPolicy -Context $context -QueueName $queueName
$accessPolicies
# Peek Messages
$queueMessage = $queue.QueueClient.PeekMessage()
$queueMessage.Value
# Set the amount of time you want to entry to be invisible after read from the queue
# If it is not deleted by the end of this time, it will show up in the queue again
$visibilityTimeout = [System.TimeSpan]::FromSeconds(10)
# Read the messages from the queue, then show the contents of the messages.
$queueMessage = $queue.QueueClient.ReceiveMessages(1,$visibilityTimeout)
$queueMessage.Value
```
{{#endtab }}
{{#endtabs }}
### Privilege Escalation
{{#ref}}
../az-privilege-escalation/az-queue-privesc.md
{{#endref}}
### Post Exploitation
{{#ref}}
../az-post-exploitation/az-queue-post-exploitation.md
{{#endref}}
### Persistence
{{#ref}}
../az-persistence/az-queue-persistance.md
{{#endref}}
## References
- https://learn.microsoft.com/en-us/azure/storage/queues/storage-powershell-how-to-use-queues
- https://learn.microsoft.com/en-us/rest/api/storageservices/queue-service-rest-api
- https://learn.microsoft.com/en-us/azure/storage/queues/queues-auth-abac-attributes
{{#include ../../../banners/hacktricks-training.md}}