Az - Table Storage Post Exploitation
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
For more information about table storage check:
Az - Table StorageA principal with this permission will be able to list the tables inside a table storage and read the info which might contain sensitive information.
A principal with this permission will be able to write and overwrite entries in tables which might allow him to cause some damage or even escalate privileges (e.g. overwrite some trusted data that could abuse some injection vulnerability in the app using it).
The permission Microsoft.Storage/storageAccounts/tableServices/tables/entities/write
allows all the actions.
The permission Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action
allows to add entries
The permission Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action
allows to update existing entries
This would allow to delete file inside the shared filesystem which might interrupt some services or make the client lose valuable information.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)