Simulating penetration testing in the isolated network environment
Given that our lab environment in Microsoft Azure has been set up successfully, we can now proceed with a simplified penetration testing simulation to verify if everything has been (mis)configured correctly. Compared to the previous chapter, our penetration testing simulation in this chapter will be a bit longer as we are dealing with a relatively more complex setup:
Figure 5.18 – Penetration testing simulation
Our simulation starts by compromising a Metasploitable 2 container running inside the VM instance. Given that this running container has been configured with the --privileged flag enabled, we can escape the container environment using a container breakout technique and access the host system, where we’ll find the first flag. We will then utilize the system-assigned managed identity assigned to the VM instance to access Azure Key Vault, where we’ll find the second...
