sql and other fixes

2025-12-28 05:33:10 -08:00 · 2025-02-20 01:50:24 +01:00
parent 6456eab2cf
commit e841f06505
10 changed files with 38 additions and 7 deletions
--- a/src/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md
+++ b/src/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-queue-enum.md
+../az-services/az-queue.md
 {{#endref}}

 ### Actions: `Microsoft.Storage/storageAccounts/queueServices/queues/write`
--- a/src/pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md
+++ b/src/pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md
@@ -0,0 +1,24 @@
+# Az - SQL Persistence
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+## SQL
+
+For more information check:
+
+{{#ref}}
+../az-services/az-sql.md
+{{#endref}}
+
+### Common Persistence Techniques
+
+- Compromise SQL credentials or create an SQL user (enabling SQL auth if needed)
+- Assign a compromised user as Entrad ID administrator (enabling Entra ID auth if needed)
+- Backdoor in the VM (if SQL VM is used)
+- Create a FW rule to maintain access over the SQL database
+
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+
+
--- a/src/pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.md
+++ b/src/pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-queue-enum.md
+../az-services/az-queue.md
 {{#endref}}

 ### DataActions: `Microsoft.Storage/storageAccounts/queueServices/queues/messages/read`
--- a/src/pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.md
+++ b/src/pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-servicebus-enum.md
+../az-services/az-servicebus.md
 {{#endref}}

 ### Actions: `Microsoft.ServiceBus/namespaces/Delete`
--- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.md
+++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-queue-enum.md
+../az-services/az-queue.md
 {{#endref}}

 ### DataActions: `Microsoft.Storage/storageAccounts/queueServices/queues/messages/read`
--- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md
+++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md
@@ -7,7 +7,7 @@
 For more information check:

 {{#ref}}
-../az-services/az-servicebus-enum.md
+../az-services/az-servicebus.md
 {{#endref}}

 ### Microsoft.ServiceBus/namespaces/authorizationrules/listKeys/action OR Microsoft.ServiceBus/namespaces/authorizationrules/regenerateKeys/action
--- a/src/pentesting-cloud/azure-security/az-services/az-queue-enum.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-queue-enum.md
--- a/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-servicebus-enum.md
--- a/src/pentesting-cloud/azure-security/az-services/az-sql.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-sql.md
@@ -312,6 +312,12 @@ sqlcmd -S <sql-server>.database.windows.net -U <server-user> -P <server-passwork
 ../az-post-exploitation/az-sql-post-exploitation.md
 {{#endref}}

+### Persistence
+
+{{#ref}}
+../az-persistence/az-sql-persistance.md
+{{#endref}}
+
 {{#include ../../../banners/hacktricks-training.md}}