Exploit SQL Injection in Azure Function App

Gain access into the Azure environment using this common vulnerability!

Difficulty: Beginner Friendly
Tags: azure, Red Team
Playing time: 30 minutes
Overview

We created this fun and beginner-friendly lab to highlight how serverless apps are not immune to vulnerabilities affecting traditional web apps. It also showcases how a managed identity assigned to a compromised web app can be leveraged for lateral movement. We'll also learn how this scenario could have been mitigated.

Scenario

Our red team performed a password spray and compromised several accounts that had recently been created with a default password, ready for new company hires to log in. You have been provided with credentials for one of the compromised accounts and are tasked with gaining further access to the Azure environment.

Lab prerequisites
  • Basic Windows and Linux command line knowledge
Learning outcomes
  • Identify if a managed identity has been assigned to an Azure Web App
  • Obtain an access token for the managed identity and reuse it with AzureHound
  • Enumerate resources by calling the Azure Resource Manager API
  • Identify and exploit an Azure Function App SQL injection vulnerability
  • Learn how this scenario could have been prevented
Real-world context

Serverless technologies such as Azure Function Apps can suffer from many of the same vulnerabilities that affect traditional web applications, and the same mitigations apply: use parameterized queries and ensure proper validation and sanitization of user input. Once a web app is compromised, it doesn't have to stop there! Azure Web Apps are often associated with managed identities that may be assigned permissions to other Azure resources.
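To make the mitigation concrete, here is an added example that is not part of the lab or of Pwned Labs' own code. It contrasts the string-concatenated query pattern that makes an HTTP-triggered function injectable with a parameterized version, and then adds allowlist validation on top. An in-memory sqlite3 table stands in for the Azure SQL database a real Function App would query, the table layout and rows are constructed for this example, and the request handler is a plain Python stand-in for the Azure Functions handler (in a real function the parameter would come from req.params.get("username")).

```python
import re
import sqlite3

# Constructed sample data standing in for the Azure SQL database the
# function would query; the table and its rows are invented for this example.
SAMPLE_ROWS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
    ("carol", "carol@example.com"),
]


def build_db() -> sqlite3.Connection:
    """Create an in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def vulnerable_lookup(conn: sqlite3.Connection, username: str) -> list:
    """The pattern the lab exploits: the request parameter is spliced into
    the SQL text, so the database parses it as SQL instead of as a value."""
    sql = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def parameterized_lookup(conn: sqlite3.Connection, username: str) -> list:
    """Mitigation named on the page: bind the value as a query parameter so
    the driver never interprets its contents as SQL."""
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# Allowlist for the username field (constructed policy for this example).
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,32}$")


def hardened_lookup(conn: sqlite3.Connection, username: str) -> list:
    """Defense in depth: reject input outside the allowlist before it reaches
    the database, then use the parameterized query for the actual lookup."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username contains characters outside the allowlist")
    return parameterized_lookup(conn, username)


def handle_request(conn: sqlite3.Connection, params: dict, lookup) -> dict:
    """Minimal stand-in for an HTTP-triggered function handler.

    `params` plays the role of the request's query parameters; `lookup` is one
    of the three lookup functions above, so the same handler can be run with
    the weak and the hardened data access path."""
    username = params.get("username", "")
    try:
        rows = lookup(conn, username)
    except ValueError as exc:
        return {"status": 400, "body": str(exc)}
    return {"status": 200,
            "body": [{"username": u, "email": e} for u, e in rows]}


if __name__ == "__main__":
    db = build_db()
    # Classic tautology probe a tester would send to detect the weakness.
    probe = {"username": "' OR '1'='1"}
    print("vulnerable:    ", handle_request(db, probe, vulnerable_lookup))
    print("parameterized: ", handle_request(db, probe, parameterized_lookup))
    print("hardened:      ", handle_request(db, probe, hardened_lookup))
```

Running the block shows the three outcomes side by side: the concatenated query returns every row because the quote closes the string literal and the rest becomes SQL, the parameterized query returns nothing because the whole probe is compared as a literal username, and the hardened path refuses the request before any query is issued. Parameterization is the control that removes the injection; the allowlist is a cheap additional layer that also gives you a clear 400 to log and alert on.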
