gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-14 13:56:30 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
0059aed198bbd2b453d4a0f45a8a45e572d7899c
hacktricks-cloud/src/pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.md

4.8 KiB
Raw Blame History

Az - VMs & Network Post Exploitation

{{#include ../../../banners/hacktricks-training.md}}

VMs & Network

Kwa maelezo zaidi kuhusu Azure VMs na mtandao angalia ukurasa ufuatao:

{{#ref}} ../az-services/vms/ {{#endref}}

VM Application Pivoting

Programu za VM zinaweza kushirikiwa na usajili na wapangaji wengine. Ikiwa programu inashirikiwa inawezekana kwa sababu inatumika. Hivyo, ikiwa mshambuliaji anafanikiwa kudhoofisha programu na kupakia toleo lililo na backdoor inaweza kuwa inawezekana kwamba itatekelezwa katika wapangaji au usajili mwingine.

Taarifa nyeti katika picha

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya picha zilizochukuliwa kutoka kwa VMs katika kipindi kilichopita.

  1. Orodhesha picha kutoka kwa maktaba
# Get galleries
az sig list -o table

# List images inside gallery
az sig image-definition list \
--resource-group <RESOURCE_GROUP> \
--gallery-name <GALLERY_NAME> \
-o table

# Get images versions
az sig image-version list \
--resource-group <RESOURCE_GROUP> \
--gallery-name <GALLERY_NAME> \
--gallery-image-definition <IMAGE_DEFINITION> \
-o table
  1. Orodha picha za kawaida
az image list -o table
  1. Unda VM kutoka kwa picha ID na tafuta taarifa nyeti ndani yake
# Create VM from image
az vm create \
--resource-group <RESOURCE_GROUP> \
--name <VM_NAME> \
--image /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>/providers/Microsoft.Compute/galleries/<GALLERY_NAME>/images/<IMAGE_DEFINITION>/versions/<IMAGE_VERSION> \
--admin-username <ADMIN_USERNAME> \
--generate-ssh-keys

Taarifa nyeti katika maeneo ya kurejesha

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya maeneo ya kurejesha.

  1. Orodhesha maeneo ya kurejesha
az restore-point list \
--resource-group <RESOURCE_GROUP> \
--restore-point-collection-name <COLLECTION_NAME> \
-o table
  1. Unda diski kutoka kwa hatua ya kurejesha
az disk create \
--resource-group <RESOURCE_GROUP> \
--name <NEW_DISK_NAME> \
--source /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>/providers/Microsoft.Compute/restorePointCollections/<COLLECTION_NAME>/restorePoints/<RESTORE_POINT_NAME>
  1. Unganisha diski kwenye VM (mshambuliaji anahitaji kuwa ameshambulia VM ndani ya akaunti tayari)
az vm disk attach \
--resource-group <RESOURCE_GROUP> \
--vm-name <VM_NAME> \
--name <DISK_NAME>
  1. Pandisha diski na tafuta taarifa nyeti

{{#tabs }} {{#tab name="Linux" }}

# List all available disks
sudo fdisk -l

# Check disk format
sudo file -s /dev/sdX

# Mount it
sudo mkdir /mnt/mydisk
sudo mount /dev/sdX1 /mnt/mydisk

{{#endtab }}

{{#tab name="Windows" }}

1. Fungua Usimamizi wa Disk

  1. Bonyeza kulia Kuanza na uchague Usimamizi wa Disk.
  2. Disk iliyoambatanishwa inapaswa kuonekana kama Offline au Isiyopangwa.

2. Leta Disk Mtandaoni

  1. Tafuta disk katika sehemu ya chini.
  2. Bonyeza kulia disk (mfano, Disk 1) na uchague Mtandaoni.

3. Anzisha Disk

  1. Ikiwa disk haijaanzishwa, bonyeza kulia na uchague Anzisha Disk.
  2. Chagua mtindo wa sehemu:
  • MBR (Master Boot Record) au GPT (GUID Partition Table). GPT inapendekezwa kwa mifumo ya kisasa.

4. Unda Hifadhi Mpya

  1. Bonyeza kulia nafasi isiyopangwa kwenye disk na uchague Hifadhi Mpya Rahisi.
  2. Fuata msaidizi ili:
  • Kuweka herufi ya diski (mfano, D:).
  • Fanya muundo wa disk (chagua NTFS kwa kesi nyingi). {{#endtab }} {{#endtabs }}

Taarifa nyeti katika disks & snapshots

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya disks au hata snapshots za zamani za disk.

  1. Orodhesha snapshots
az snapshot list \
--resource-group <RESOURCE_GROUP> \
-o table
  1. Unda diski kutoka kwa picha (ikiwa inahitajika)
az disk create \
--resource-group <RESOURCE_GROUP> \
--name <DISK_NAME> \
--source <SNAPSHOT_ID> \
--size-gb <DISK_SIZE>
  1. Unganisha na kuunganisha diski kwa VM na tafuta taarifa nyeti (angalia sehemu iliyopita kuona jinsi ya kufanya hivi)

Taarifa nyeti katika Mipanuzi ya VM & Maombi ya VM

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya mipanuzi ya VM na maombi ya VM.

  1. Orodhesha maombi yote ya VM
## List all VM applications inside a gallery
az sig gallery-application list --gallery-name <gallery-name> --resource-group <res-group> --output table
  1. Sakinisha kiendelezi kwenye VM na tafuta taarifa nyeti
az vm application set \
--resource-group <rsc-group> \
--name <vm-name> \
--app-version-ids /subscriptions/9291ff6e-6afb-430e-82a4-6f04b2d05c7f/resourceGroups/Resource_Group_1/providers/Microsoft.Compute/galleries/myGallery/applications/myReverseShellApp/versions/1.0.2 \
--treat-deployment-as-failure true

{{#include ../../../banners/hacktricks-training.md}}

Reference in New Issue View Git Blame Copy Permalink