YoVDO

Adventures in Azure Privilege Escalation

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Ethical Hacking Courses System Administration Courses Azure Security Courses

Course Description

Overview

Explore Azure privilege escalation techniques in this 46-minute conference talk from Derbycon 2019. Learn about initial entry points, the Azure permissions model, and various escalation methods, including reader rights, contributor access, and tenant admin privileges. Discover how to leverage storage accounts, virtual disks, runbooks, and automation accounts for privilege escalation. Gain insights into creating backdoors, adding accounts, and managing subscriptions in Azure environments. Conclude with a live demonstration and a Q&A session to deepen your understanding of Azure security challenges.

Syllabus

Intro
Overview
Initial Entry Points
Permissions Model
No Azure Access
Reader Rights
Escalation Example
Contributor Access
Local System
Storage Accounts
Virtual Disks
Runbooks
Subscriptions
Tenant Admin
Adding Accounts
Adding Guest Accounts
Creating Your Own Subscription
Automation Accounts
Demo
Watchers
Backdoors
Questions


Related Courses

Breaking the Teeth of Bluetooth Padlocks
YouTube Closing Keynote Lectures or Life Experiences Awareness Training that Works
YouTube Do You Want Educated Users Because This is How You Get Educated Users
YouTube Don't Blame That Checklist for Your Crappy Security Program
YouTube Managing Your MSSP
YouTube