Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Adventures in Azure Privilege Escalation

via YouTube

Overview

Explore Azure privilege escalation techniques in this 46-minute conference talk from Derbycon 2019. Learn about initial entry points, the Azure permissions model, and various escalation methods, including reader rights, contributor access, and tenant admin privileges. Discover how to leverage storage accounts, virtual disks, runbooks, and automation accounts for privilege escalation. Gain insights into creating backdoors, adding accounts, and managing subscriptions in Azure environments. Conclude with a live demonstration and a Q&A session to deepen your understanding of Azure security challenges.

Syllabus

Intro
Overview
Initial Entry Points
Permissions Model
No Azure Access
Reader Rights
Escalation Example
Contributor Access
Local System
Storage Accounts
Virtual Disks
Runbooks
Subscriptions
Tenant Admin
Adding Accounts
Adding Guest Accounts
Creating Your Own Subscription
Automation Accounts
Demo
Watchers
Backdoors
Questions

Reviews

Start your review of Adventures in Azure Privilege Escalation

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.