Hi!
Two weeks ago, I had the pleasure to give a talk for the Global Azure 2022 – Quebec City Chapter about the Cloud Security Training.
Maxime.
Hi!
In this article, I will show you how you can scan an Azure Blob to identify potential public storage containers. By default, when you create a new container, you have 3 options to define the public access level:
To leverage this attack, we will use a function included in the MicroBurst tool.
Invoke-EnumerateAzureBlobs -Base yourcompanyname
In this example, I will use an additional containerlist file with some example folder names (dev, non, prod, devprod, …).
Invoke-EnumerateAzureBlobs -Base zigmaxlab -Folders .\containerlist.txt
Maxime.
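On the defender's side, the same idea can be turned into an audit of your own storage account. The following is an added example, not code from the original post or from MicroBurst: it reads a container listing and reports every container that allows anonymous access, ranking higher those whose names appear in a wordlist like containerlist.txt. The JSON shape, the sample data, the wordlist and the severity rules are assumptions of this example.

```python
import json

# Constructed sample, shaped like the JSON printed by
# `az storage container list --account-name <name> --auth-mode login -o json`.
# The field layout (properties.publicAccess) is an assumption about that output.
SAMPLE_CONTAINERS = json.loads("""
[
  {"name": "dev",           "properties": {"publicAccess": "container"}},
  {"name": "prod",          "properties": {"publicAccess": null}},
  {"name": "reports",       "properties": {"publicAccess": "blob"}},
  {"name": "x7f3-internal", "properties": {"publicAccess": "container"}}
]
""")

# Same kind of names the post puts in containerlist.txt (constructed list).
GUESSABLE_NAMES = {"dev", "non", "prod", "devprod"}


def audit_containers(containers, guessable=GUESSABLE_NAMES):
    """Return findings for containers that allow anonymous access.

    publicAccess null      -> private, not reported
    publicAccess blob      -> anonymous read of blobs whose URL is known
    publicAccess container -> anonymous read plus listing of every blob
    """
    findings = []
    for c in containers:
        level = (c.get("properties") or {}).get("publicAccess")
        if not level:
            continue
        name = c["name"]
        listable = level.lower() == "container"
        in_wordlist = name.lower() in guessable
        # Severity is a triage heuristic of this example, not an Azure rating.
        if listable and in_wordlist:
            severity = "high"
        elif listable or in_wordlist:
            severity = "medium"
        else:
            severity = "low"
        findings.append({"name": name, "level": level, "severity": severity})
    order = {"high": 0, "medium": 1, "low": 2}
    return sorted(findings, key=lambda f: (order[f["severity"]], f["name"]))


if __name__ == "__main__":
    for f in audit_containers(SAMPLE_CONTAINERS):
        print(f"{f['severity']:<6} {f['name']:<15} publicAccess={f['level']}")
```

Any container reported here should either be set back to private or be confirmed as intentionally public.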
Hi!
Attackers want to target service principals because:
Sign in with the service principal using Azure CLI:
az login --service-principal -u YourServicePrincipalId -p YourServicePrincipalPassword --tenant YourTenantId --allow-no-subscriptions
To prevent this attack, you can define Conditional Access policies for your service principals. You need to have an Azure Active Directory Premium P2 license to enable this feature.
Maxime.