Intermediate Lab   GCP

Exploit MFA Enablement Gaps for Resource Access

See how a gap in MFA enablement gives threat actors the opportunity to gain access as the compromised identity!

Overview

We often come up against MFA on engagements. This intermediate lab showcases a technique for bypassing MFA and highlights how we can use native API calls to our advantage.

Scenario

After starting with a read-only account on an internal engagement, we have moved laterally to the user account Lina.Meier@megabigtech.com. We tried to access the Azure Portal but are being prompted for MFA. Can you help us unlock our access and demonstrate impact by accessing sensitive information?

Lab prerequisites

  • Familiarity with Azure and the command line
  • Basic web knowledge

Learning outcomes

  • Identify MFA enablement gaps using FindMeAccess
  • Understand how Conditional Access gaps can occur
  • Gain command execution on an Azure WordPress instance
  • Move laterally to other resources using a managed identity
  • Send direct API requests to overcome tool limitations

Real-world context

MFA can save the day in the event of credentials being leaked. However, if there is a gap in MFA enablement, threat actors can exploit it to gain access as the compromised identity. The lab also showcases a widely adopted web application framework, and how we can use legitimate functionality to gain command execution.

Cloud Security Training To Protect Your Business

Pwned Labs for Business gives your team access to dedicated business content, including labs and cyber ranges.

We also offer in-person or remote workshops, and our cloud penetration services are helping businesses become more secure!