Azure Blob Container to Initial Access
Discover how attackers can leverage Blob Storage to get a foothold in Azure
Overview
We created this beginner-friendly lab to introduce one of the most popular Azure services, Blob Storage, and to show how attackers can use it to access secrets and get a foothold in a cloud environment.
Scenario
Mega Big Tech has adopted a hybrid cloud architecture and continues to use a local on-premises Active Directory domain as well as the Azure cloud. They are wary of being targeted due to their importance in the tech world and have asked your team to assess the security of their infrastructure, including cloud services. An interesting URL has been found in some public documentation, and you are tasked with assessing it.
Lab prerequisites
Learning outcomes
- Familiarity with the Azure CLI
- Identification and enumeration of Azure Blob containers
- Use of the blob previous-version functionality to reveal secrets
- Understand how this attack chain could have been prevented
Real-world context
There have been numerous examples over the years of data breaches resulting from misconfigured public Azure Blob storage (the Azure equivalent of an S3 bucket). While Azure offers robust security features, the responsibility to secure data in the cloud rests with the account holder.
Pwned Labs:
Your cloud security training ground
Experience real-world, byte-sized cloud security labs for training cyber warriors. From beginners to pros, our engaging platform allows you to secure your defenses, ignite your career and stay ahead of threats.