Az - Table Storage Post Exploitation

Table Storage Privesc

Kwa maelezo zaidi kuhusu table storage angalia:

Microsoft.Storage/storageAccounts/tableServices/tables/entities/read

Mtu mwenye ruhusa hii ataweza orodhesha meza ndani ya table storage na kusoma taarifa ambazo zinaweza kuwa na taarifa nyeti.

# List tables
az storage table list --auth-mode login --account-name <name>

# Read table (top 10)
az storage entity query \
--account-name <name> \
--table-name <t-name> \
--auth-mode login \
--top 10

Microsoft.Storage/storageAccounts/tableServices/tables/entities/write | Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action | Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action

Mtu mwenye ruhusa hii ataweza kuandika na kufuta entries katika meza ambayo inaweza kumruhusu kuleta uharibifu au hata kupandisha mamlaka (mfano, kufuta data fulani za kuaminika ambazo zinaweza kutumia udhaifu wa sindano katika programu inayotumia hiyo).

• Ruhusa Microsoft.Storage/storageAccounts/tableServices/tables/entities/write inaruhusu vitendo vyote.

• Ruhusa Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action inaruhusu kuongeza entries

• Ruhusa Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action inaruhusu kupdate entries zilizopo

# Add
az storage entity insert \
--account-name <acc-name> \
--table-name <t-name> \
--auth-mode login \
--entity PartitionKey=HR RowKey=12345 Name="John Doe" Age=30 Title="Manager"

# Replace
az storage entity replace \
--account-name <acc-name> \
--table-name <t-name> \
--auth-mode login \
--entity PartitionKey=HR RowKey=12345 Name="John Doe" Age=30 Title="Manager"

# Update
az storage entity merge \
--account-name <acc-name> \
--table-name <t-name> \
--auth-mode login \
--entity PartitionKey=HR RowKey=12345 Name="John Doe" Age=30 Title="Manager"

*/delete

Hii itaruhusu kufuta faili ndani ya mfumo wa faili wa pamoja ambayo inaweza kuingilia baadhi ya huduma au kufanya mteja kupoteza taarifa muhimu.