sql and other fixes

2025-12-09 22:30:47 -08:00 · 2025-02-20 01:50:24 +01:00
parent 6456eab2cf
commit e841f06505
10 changed files with 38 additions and 7 deletions
--- a/src/SUMMARY.md
+++ b/src/SUMMARY.md
@@ -425,8 +425,8 @@
    - [Az - Management Groups, Subscriptions & Resource Groups](pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.md)
    - [Az - MySQL](pentesting-cloud/azure-security/az-services/az-mysql.md)
    - [Az - PostgreSQL](pentesting-cloud/azure-security/az-services/az-postgresql.md)
-    - [Az - Queue Storage](pentesting-cloud/azure-security/az-services/az-queue-enum.md)
-    - [Az - Service Bus](pentesting-cloud/azure-security/az-services/az-servicebus-enum.md)
+    - [Az - Queue Storage](pentesting-cloud/azure-security/az-services/az-queue.md)
+    - [Az - Service Bus](pentesting-cloud/azure-security/az-services/az-servicebus.md)
    - [Az - SQL](pentesting-cloud/azure-security/az-services/az-sql.md)
    - [Az - Static Web Applications](pentesting-cloud/azure-security/az-services/az-static-web-apps.md)
    - [Az - Storage Accounts & Blobs](pentesting-cloud/azure-security/az-services/az-storage.md)
@@ -489,6 +489,7 @@
  - [Az - Persistence](pentesting-cloud/azure-security/az-persistence/README.md)
    - [Az - Automation Accounts Persistence](pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.md)
    - [Az - Cloud Shell Persistence](pentesting-cloud/azure-security/az-persistence/az-cloud-shell-persistence.md)
+    - [Az - Queue SQL Persistence](pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md)
    - [Az - Queue Storage Persistence](pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md)
    - [Az - VMs Persistence](pentesting-cloud/azure-security/az-persistence/az-vms-persistence.md)
    - [Az - Storage Persistence](pentesting-cloud/azure-security/az-persistence/az-storage-persistence.md)
--- a/src/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md
+++ b/src/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-queue-enum.md
+../az-services/az-queue.md
 {{#endref}}

 ### Actions: `Microsoft.Storage/storageAccounts/queueServices/queues/write`
--- a/src/pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md
+++ b/src/pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md
@@ -0,0 +1,24 @@
+# Az - SQL Persistence
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+## SQL
+
+For more information check:
+
+{{#ref}}
+../az-services/az-sql.md
+{{#endref}}
+
+### Common Persistence Techniques
+
+- Compromise SQL credentials or create an SQL user (enabling SQL auth if needed)
+- Assign a compromised user as Entrad ID administrator (enabling Entra ID auth if needed)
+- Backdoor in the VM (if SQL VM is used)
+- Create a FW rule to maintain access over the SQL database
+
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+
+
--- a/src/pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.md
+++ b/src/pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-queue-enum.md
+../az-services/az-queue.md
 {{#endref}}

 ### DataActions: `Microsoft.Storage/storageAccounts/queueServices/queues/messages/read`
--- a/src/pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.md
+++ b/src/pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-servicebus-enum.md
+../az-services/az-servicebus.md
 {{#endref}}

 ### Actions: `Microsoft.ServiceBus/namespaces/Delete`
--- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.md
+++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-queue-enum.md
+../az-services/az-queue.md
 {{#endref}}

 ### DataActions: `Microsoft.Storage/storageAccounts/queueServices/queues/messages/read`
--- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md
+++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-servicebus-enum.md
+../az-services/az-servicebus.md
 {{#endref}}

 ### Microsoft.ServiceBus/namespaces/authorizationrules/listKeys/action OR Microsoft.ServiceBus/namespaces/authorizationrules/regenerateKeys/action
--- a/src/pentesting-cloud/azure-security/az-services/az-queue-enum.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-queue-enum.md
--- a/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md
--- a/src/pentesting-cloud/azure-security/az-services/az-sql.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-sql.md
@@ -312,6 +312,12 @@ sqlcmd -S <sql-server>.database.windows.net -U <server-user> -P <server-passwork
 ../az-post-exploitation/az-sql-post-exploitation.md
 {{#endref}}

+### Persistence
+
+{{#ref}}
+../az-persistence/az-sql-persistance.md
+{{#endref}}
+
 {{#include ../../../banners/hacktricks-training.md}}