YoVDO

Adventures in Azure Privilege Escalation

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Ethical Hacking Courses System Administration Courses Azure Security Courses

Course Description

Overview

Explore Azure privilege escalation techniques in this 46-minute conference talk from Derbycon 2019. Learn about initial entry points, the Azure permissions model, and various escalation methods, including reader rights, contributor access, and tenant admin privileges. Discover how to leverage storage accounts, virtual disks, runbooks, and automation accounts for privilege escalation. Gain insights into creating backdoors, adding accounts, and managing subscriptions in Azure environments. Conclude with a live demonstration and a Q&A session to deepen your understanding of Azure security challenges.

Syllabus

Intro
Overview
Initial Entry Points
Permissions Model
No Azure Access
Reader Rights
Escalation Example
Contributor Access
Local System
Storage Accounts
Virtual Disks
Runbooks
Subscriptions
Tenant Admin
Adding Accounts
Adding Guest Accounts
Creating Your Own Subscription
Automation Accounts
Demo
Watchers
Backdoors
Questions


Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube