gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-07 02:03:45 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
71f67e92be9bd843c9dae1ea7b1b21d99b10eb4e
hacktricks-cloud/pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.md
Carlos Polop 5ef56bb6b3 Recreating repository history for branch master
2024-12-12 19:35:48 +01:00

148 lines
6.3 KiB
Markdown
Raw Blame History

# Az - Key Vault Post Exploitation
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
## Azure Key Vault
For more information about this service check:
{% content-ref url="../az-services/keyvault.md" %}
[keyvault.md](../az-services/keyvault.md)
{% endcontent-ref %}
### Microsoft.KeyVault/vaults/secrets/getSecret/action
This permission will allow a principal to read the secret value of secrets:
{% code overflow="wrap" %}
```bash
az keyvault secret show --vault-name <vault name> --name <secret name>
# Get old version secret value
az keyvault secret show --id https://<KeyVaultName>.vault.azure.net/secrets/<KeyVaultName>/<idOldVersion>
```
{% endcode %}
### **Microsoft.KeyVault/vaults/certificates/purge/action**
This permission allows a principal to permanently delete a certificate from the vault.
```bash
az keyvault certificate purge --vault-name <vault name> --name <certificate name>
```
### **Microsoft.KeyVault/vaults/keys/encrypt/action**
This permission allows a principal to encrypt data using a key stored in the vault.
{% code overflow="wrap" %}
```bash
az keyvault key encrypt --vault-name <vault name> --name <key name> --algorithm <algorithm> --value <value>
# Example
echo "HackTricks" | base64 # SGFja1RyaWNrcwo=
az keyvault key encrypt --vault-name testing-1231234 --name testing --algorithm RSA-OAEP-256 --value SGFja1RyaWNrcwo=
```
{% endcode %}
### **Microsoft.KeyVault/vaults/keys/decrypt/action**
This permission allows a principal to decrypt data using a key stored in the vault.
{% code overflow="wrap" %}
```bash
az keyvault key decrypt --vault-name <vault name> --name <key name> --algorithm <algorithm> --value <value>
# Example
az keyvault key decrypt --vault-name testing-1231234 --name testing --algorithm RSA-OAEP-256 --value "ISZ+7dNcDJXLPR5MkdjNvGbtYK3a6Rg0ph/+3g1IoUrCwXnF791xSF0O4rcdVyyBnKRu0cbucqQ/+0fk2QyAZP/aWo/gaxUH55pubS8Zjyw/tBhC5BRJiCtFX4tzUtgTjg8lv3S4SXpYUPxev9t/9UwUixUlJoqu0BgQoXQhyhP7PfgAGsxayyqxQ8EMdkx9DIR/t9jSjv+6q8GW9NFQjOh70FCjEOpYKy9pEGdLtPTrirp3fZXgkYfIIV77TXuHHdR9Z9GG/6ge7xc9XT6X9ciE7nIXNMQGGVCcu3JAn9BZolb3uL7PBCEq+k2rH4tY0jwkxinM45tg38Re2D6CEA==" # This is the result from the previous encryption
```
{% endcode %}
### **Microsoft.KeyVault/vaults/keys/purge/action**
This permission allows a principal to permanently delete a key from the vault.
```bash
az keyvault key purge --vault-name <vault name> --name <key name>
```
### **Microsoft.KeyVault/vaults/secrets/purge/action**
This permission allows a principal to permanently delete a secret from the vault.
```bash
az keyvault secret purge --vault-name <vault name> --name <secret name>
```
### **Microsoft.KeyVault/vaults/secrets/setSecret/action**
This permission allows a principal to create or update a secret in the vault.
{% code overflow="wrap" %}
```bash
az keyvault secret set --vault-name <vault name> --name <secret name> --value <secret value>
```
{% endcode %}
### **Microsoft.KeyVault/vaults/certificates/delete**
This permission allows a principal to delete a certificate from the vault. The certificate is moved to the "soft-delete" state, where it can be recovered unless purged.
{% code overflow="wrap" %}
```bash
az keyvault certificate delete --vault-name <vault name> --name <certificate name>
```
{% endcode %}
### **Microsoft.KeyVault/vaults/keys/delete**
This permission allows a principal to delete a key from the vault. The key is moved to the "soft-delete" state, where it can be recovered unless purged.
```bash
az keyvault key delete --vault-name <vault name> --name <key name>
```
### **Microsoft.KeyVault/vaults/secrets/delete**
This permission allows a principal to delete a secret from the vault. The secret is moved to the "soft-delete" state, where it can be recovered unless purged.
```bash
az keyvault secret delete --vault-name <vault name> --name <secret name>
```
### Microsoft.KeyVault/vaults/secrets/restore/action
This permission allows a principal to restore a secret from a backup.
```bash
az keyvault secret restore --vault-name <vault-name> --file <backup-file-path>
```
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
Reference in New Issue View Git Blame Copy Permalink