Az - Local Cloud Credentials
Reading time: 2 minutes
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Local Token Storage and Security Considerations
Reading time: 2 minutes
Azure CLI (Command-Line Interface)
Reading time: 2 minutes
Tokens and sensitive data are stored locally by Azure CLI, raising security concerns:
- Access Tokens: Stored in plaintext within
accessTokens.json
located atC:\Users\<username>\.Azure
. - Subscription Information:
azureProfile.json
, in the same directory, holds subscription details. - Log Files: The
ErrorRecords
folder within.azure
might contain logs with exposed credentials, such as:- Executed commands with credentials embedded.
- URLs accessed using tokens, potentially revealing sensitive information.
Azure PowerShell
Reading time: 2 minutes
Azure PowerShell also stores tokens and sensitive data, which can be accessed locally:
- Access Tokens:
TokenCache.dat
, located atC:\Users\<username>\.Azure
, stores access tokens in plaintext. - Service Principal Secrets: These are stored unencrypted in
AzureRmContext.json
. - Token Saving Feature: Users have the ability to persist tokens using the
Save-AzContext
command, which should be used cautiously to prevent unauthorized access.
Automatic Tools to find them
Reading time: 2 minutes
Security Recommendations
Reading time: 2 minutes
Considering the storage of sensitive data in plaintext, it's crucial to secure these files and directories by:
- Limiting access rights to these files.
- Regularly monitoring and auditing these directories for unauthorized access or unexpected changes.
- Employing encryption for sensitive files where possible.
- Educating users about the risks and best practices for handling such sensitive information.
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.