Az - Lateral Movement (Cloud - On-Prem)

Support HackTricks and get benefits!
If you want to see your company advertised in HackTricks or if you want access to the latest version of the PEASS or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag​
Discover The PEASS Family, our collection of exclusive NFTs​
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
On-Prem machines connected to cloud
There are different ways a machine can be connected to the cloud:
Azure AD joined
Workplace joined
​https://pbs.twimg.com/media/EQZv7UHXsAArdhn?format=jpg&name=large​
Hybrid joined
​https://pbs.twimg.com/media/EQZv77jXkAAC4LK?format=jpg&name=large​
Workplace joined on AADJ or Hybrid
​https://pbs.twimg.com/media/EQZv8qBX0AAMWuR?format=jpg&name=large​
Pivoting Techniques
From the compromised machine to the cloud:
​Pass the Cookie​
​Pass the PRT​
​Pass the Certificate​
From compromising AD to compromising the Cloud and from compromising the Cloud to compromising AD:
​Azure AD Connect​
Another way to pivot from could to On-Prem is abusing Intune​
Support HackTricks and get benefits!
If you want to see your company advertised in HackTricks or if you want access to the latest version of the PEASS or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag​
Discover The PEASS Family, our collection of exclusive NFTs​
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Az - Permissions for a Pentest

Az - Pass the Cookie

Last modified 10mo ago