Az - VMs & Network Post Exploitation

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

VMs & Network

Kwa maelezo zaidi kuhusu Azure VMs na mitandao angalia ukurasa ufuatao:

Az - Virtual Machines & Network

VM Application Pivoting

Programu za VM zinaweza kushirikiwa na usajili na wapangaji wengine. Ikiwa programu inashirikiwa, huenda ni kwa sababu inatumika. Hivyo, ikiwa mshambuliaji anafanikiwa kuharibu programu na kupakia toleo lililo na backdoor inaweza kuwa inawezekana kwamba itatekelezwa katika mpangaji au usajili mwingine.

Taarifa nyeti katika picha

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya picha zilizochukuliwa kutoka kwa VMs katika kipindi kilichopita.

Orodhesha picha kutoka kwa maktaba

# Get galleries
az sig list -o table

# List images inside gallery
az sig image-definition list \
--resource-group <RESOURCE_GROUP> \
--gallery-name <GALLERY_NAME> \
-o table

# Get images versions
az sig image-version list \
--resource-group <RESOURCE_GROUP> \
--gallery-name <GALLERY_NAME> \
--gallery-image-definition <IMAGE_DEFINITION> \
-o table

Orodha ya picha za kawaida

az image list -o table

Unda VM kutoka kwa picha ID na tafuta taarifa nyeti ndani yake

# Create VM from image
az vm create \
--resource-group <RESOURCE_GROUP> \
--name <VM_NAME> \
--image /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>/providers/Microsoft.Compute/galleries/<GALLERY_NAME>/images/<IMAGE_DEFINITION>/versions/<IMAGE_VERSION> \
--admin-username <ADMIN_USERNAME> \
--generate-ssh-keys

Taarifa nyeti katika maeneo ya kurejesha

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya maeneo ya kurejesha.

Orodhesha maeneo ya kurejesha

az restore-point list \
--resource-group <RESOURCE_GROUP> \
--restore-point-collection-name <COLLECTION_NAME> \
-o table

Unda diski kutoka kwa nukta ya kurejesha

az disk create \
--resource-group <RESOURCE_GROUP> \
--name <NEW_DISK_NAME> \
--source /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>/providers/Microsoft.Compute/restorePointCollections/<COLLECTION_NAME>/restorePoints/<RESTORE_POINT_NAME>

Unganisha diski kwa VM (mshambuliaji anahitaji kuwa amepata udhibiti wa VM ndani ya akaunti tayari)

az vm disk attach \
--resource-group <RESOURCE_GROUP> \
--vm-name <VM_NAME> \
--name <DISK_NAME>

Mount diski na tafuta taarifa nyeti

# List all available disks
sudo fdisk -l

# Check disk format
sudo file -s /dev/sdX

# Mount it
sudo mkdir /mnt/mydisk
sudo mount /dev/sdX1 /mnt/mydisk

1. Fungua Usimamizi wa Diski

Bonyeza kulia Kuanza na uchague Usimamizi wa Diski.
Diski iliyoambatanishwa inapaswa kuonekana kama Offline au Isiyopangwa.

2. Leta Diski Mtandaoni

Tafuta diski kwenye sehemu ya chini.
Bonyeza kulia diski (mfano, Disk 1) na uchague Mtandaoni.

3. Anzisha Diski

Ikiwa diski haijaanzishwa, bonyeza kulia na uchague Anzisha Diski.
Chagua mtindo wa sehemu:
MBR (Master Boot Record) au GPT (GUID Partition Table). GPT inapendekezwa kwa mifumo ya kisasa.

4. Unda Hifadhi Mpya

Bonyeza kulia kwenye nafasi isiyopangwa kwenye diski na uchague Hifadhi Mpya Rahisi.
Fuata msaidizi ili:
Pata herufi ya diski (mfano, D:).
Fanya muundo wa diski (chagua NTFS kwa kesi nyingi).

Taarifa nyeti kwenye diski & picha za snapshot

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya diski au hata picha za snapshot za zamani za diski.

Orodhesha picha za snapshot

az snapshot list \
--resource-group <RESOURCE_GROUP> \
-o table

Unda diski kutoka kwa picha (ikiwa inahitajika)

az disk create \
--resource-group <RESOURCE_GROUP> \
--name <DISK_NAME> \
--source <SNAPSHOT_ID> \
--size-gb <DISK_SIZE>

Unganisha na kuunganisha diski kwa VM na tafuta taarifa nyeti (angalia sehemu iliyopita kuona jinsi ya kufanya hivyo)

Taarifa nyeti katika VM Extensions & VM Applications

Inaweza kuwa inawezekana kupata taarifa nyeti ndani ya VM extensions na VM applications.

Orodhesha programu zote za VM

## List all VM applications inside a gallery
az sig gallery-application list --gallery-name <gallery-name> --resource-group <res-group> --output table

Sakinisha kiendelezi kwenye VM na tafuta taarifa nyeti

az vm application set \
--resource-group <rsc-group> \
--name <vm-name> \
--app-version-ids /subscriptions/9291ff6e-6afb-430e-82a4-6f04b2d05c7f/resourceGroups/Resource_Group_1/providers/Microsoft.Compute/galleries/myGallery/applications/myReverseShellApp/versions/1.0.2 \
--treat-deployment-as-failure true

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousAz - Table Storage Post Exploitation NextAz - Privilege Escalation

Last updated 13 days ago