mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2025-12-22 07:10:43 -08:00
3.2 KiB
3.2 KiB
Az - VMs Unath
{% hint style="success" %}
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Virtual Machines
For more info about Azure Virtual Machines check:
{% content-ref url="../az-services/vms/" %} vms {% endcontent-ref %}
Exposed vulnerable service
A network service that is vulnerable to some RCE.
Public Gallery Images
A public image might have secrets inside of it:
{% code overflow="wrap" %}
# List all community galleries
az sig list-community --output table
# Search by publisherUri
az sig list-community --output json --query "[?communityMetadata.publisherUri=='https://3nets.io']"
{% endcode %}
Public Extensions
This would be more weird but not impossible. A big company might put an extension with sensitive data inside of it:
# It takes some mins to run
az vm extension image list --output table
# Get extensions by publisher
az vm extension image list --publisher "Site24x7" --output table
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.