Adventures in Azure Privilege Escalation

Explore Azure privilege escalation techniques in this 46-minute conference talk from Derbycon 2019. Learn about initial entry points, the Azure permissions model, and various escalation methods, including reader rights, contributor access, and tenant admin privileges. Discover how to leverage storage accounts, virtual disks, runbooks, and automation accounts for privilege escalation. Gain insights into creating backdoors, adding accounts, and managing subscriptions in Azure environments. Conclude with a live demonstration and a Q&A session to deepen your understanding of Azure security challenges.

Intro
Overview
Initial Entry Points
Permissions Model
No Azure Access
Reader Rights
Escalation Example
Contributor Access
Local System
Storage Accounts
Virtual Disks
Runbooks
Subscriptions
Tenant Admin
Adding Accounts
Adding Guest Accounts
Creating Your Own Subscription
Automation Accounts
Demo
Watchers
Backdoors
Questions