Az - Application Proxy

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Basic Information

From the docs:

Azure Active Directory's Application Proxy inatoa ufikiaji salama wa mbali kwa programu za wavuti za ndani. Baada ya kuingia mara moja kwenye Azure AD, watumiaji wanaweza kufikia programu za wingu na programu za ndani kupitia URL ya nje au lango la programu za ndani.

Inafanya kazi kama ifuatavyo:

Baada ya mtumiaji kufikia programu kupitia kiunganishi, mtumiaji anapelekwa kwenye ukurasa wa kuingia wa Azure AD.
Baada ya kuingia kwa mafanikio, Azure AD inatuma tokeni kwa kifaa cha mteja wa mtumiaji.
Mteja anatumia tokeni kwa huduma ya Application Proxy, ambayo inapata jina la msingi la mtumiaji (UPN) na jina la msingi la usalama (SPN) kutoka kwa tokeni. Application Proxy kisha inatuma ombi kwa kiunganishi cha Application Proxy.
Ikiwa umeweka muunganisho wa mara moja, kiunganishi kinafanya uthibitishaji wa ziada wowote unaohitajika kwa niaba ya mtumiaji.
Kiunganishi kinatuma ombi kwa programu za ndani.
Jibu linatumwa kupitia kiunganishi na huduma ya Application Proxy kwa mtumiaji.

Enumeration

# Enumerate applications with application proxy configured
Get-AzureADApplication | %{try{Get-AzureADApplicationProxyApplication -ObjectId $_.ObjectID;$_.DisplayName;$_.ObjectID}catch{}}

# Get applications service principal
Get-AzureADServicePrincipal -All $true | ?{$_.DisplayName -eq "Name"}

# Use the following ps1 script from https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/scripts/powershell-display-users-group-of-app
# to find users and groups assigned to the application. Pass the ObjectID of the Service Principal to it
Get-ApplicationProxyAssignedUsersAndGroups -ObjectId <object-id>

References

https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousAz - ACR NextAz - ARM Templates / Deployments

Last updated 3 days ago

Basic Information

Inafanya kazi kama ifuatavyo:

Baada ya mtumiaji kufikia programu kupitia kiunganishi, mtumiaji anapelekwa kwenye ukurasa wa kuingia wa Azure AD.

Baada ya kuingia kwa mafanikio, Azure AD inatuma tokeni kwa kifaa cha mteja wa mtumiaji.

Mteja anatumia tokeni kwa huduma ya Application Proxy, ambayo inapata jina la msingi la mtumiaji (UPN) na jina la msingi la usalama (SPN) kutoka kwa tokeni. Application Proxy kisha inatuma ombi kwa kiunganishi cha Application Proxy.

Ikiwa umeweka muunganisho wa mara moja, kiunganishi kinafanya uthibitishaji wa ziada wowote unaohitajika kwa niaba ya mtumiaji.

Kiunganishi kinatuma ombi kwa programu za ndani.

Jibu linatumwa kupitia kiunganishi na huduma ya Application Proxy kwa mtumiaji.

Enumeration

# Enumerate applications with application proxy configured
Get-AzureADApplication | %{try{Get-AzureADApplicationProxyApplication -ObjectId $_.ObjectID;$_.DisplayName;$_.ObjectID}catch{}}

# Get applications service principal
Get-AzureADServicePrincipal -All $true | ?{$_.DisplayName -eq "Name"}

# Use the following ps1 script from https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/scripts/powershell-display-users-group-of-app
# to find users and groups assigned to the application. Pass the ObjectID of the Service Principal to it
Get-ApplicationProxyAssignedUsersAndGroups -ObjectId <object-id>