Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Penetration Testing Azure for Ethical Hackers

You're reading from   Penetration Testing Azure for Ethical Hackers Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

Arrow left icon
Product type Paperback
Published in Nov 2021
Publisher Packt
ISBN-13 9781839212932
Length 352 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
David Okeyode David Okeyode
Author Profile Icon David Okeyode
David Okeyode
Karl Fosaaen Karl Fosaaen
Author Profile Icon Karl Fosaaen
Karl Fosaaen
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Section 1: Understanding the Azure Platform and Architecture
2. Chapter 1: Azure Platform and Architecture Overview FREE CHAPTER 3. Chapter 2: Building Your Own Environment 4. Chapter 3: Finding Azure Services and Vulnerabilities 5. Section 2: Authenticated Access to Azure
6. Chapter 4: Exploiting Reader Permissions 7. Chapter 5: Exploiting Contributor Permissions on IaaS Services 8. Chapter 6: Exploiting Contributor Permissions on PaaS Services 9. Chapter 7: Exploiting Owner and Privileged Azure AD Role Permissions 10. Chapter 8: Persisting in Azure Environments 11. Other Books You May Enjoy

Chapter 4: Exploiting Reader Permissions

While the Reader role is not as heavily used in subscriptions as the Contributor or Owner roles, it does allow users to read basic information about the resources and configurations of the services. As an initial entry point into an environment, the Reader role may allow you to read sensitive information that could be used to pivot to more privileged roles.

The Reader role does not allow any modifications to services or resources, but it will allow an attacker to enumerate the attack surface area for the environment. This reason is frequently a driver for issuing Reader access to any Azure AD accounts that might be provisioned for use during an Azure penetration test.

For good reason, many organizations want to avoid giving a penetration tester mutating (Contributor or higher) access on a subscription during a penetration test. By issuing a Reader role account, the tester will gain insight that will help them identify misconfigurations...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image