Az - Default Applications

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Check the techinque in: https://dirkjanm.io/azure-ad-privilege-escalation-application-admin/, https://www.youtube.com/watch?v=JEIR5oGCwdg and https://www.youtube.com/watch?v=xei8lAPitX8

Post ya blog inazungumzia udhaifu wa kupandisha hadhi katika Azure AD, ikiruhusu Wasimamizi wa Programu au Akaunti za Sync za On-Premise zilizovunjwa kupandisha hadhi kwa kupewa ithibati kwa programu. Udhaifu huu, unaotokana na tabia ya "kwa muundo" ya Azure AD katika kushughulikia programu na wakala wa huduma, unawaathiri hasa programu za ofisi za 365 za default. Ingawa umeripotiwa, suala hili halikuzingatiwa kama udhaifu na Microsoft kutokana na hati ya tabia ya ugawaji wa haki za usimamizi. Post hii inatoa maarifa ya kiufundi kwa undani na inashauri ukaguzi wa kawaida wa ithibati za wakala wa huduma katika mazingira ya Azure AD. Kwa maelezo zaidi, unaweza kutembelea post ya blog asili.

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

PreviousAz- Synchronising New Users NextAz - Cloud Kerberos Trust

Last updated 1 month ago