Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Penetration Testing Azure for Ethical Hackers

You're reading from   Penetration Testing Azure for Ethical Hackers Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

Arrow left icon
Product type Paperback
Published in Nov 2021
Publisher Packt
ISBN-13 9781839212932
Length 352 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
David Okeyode David Okeyode
Author Profile Icon David Okeyode
David Okeyode
Karl Fosaaen Karl Fosaaen
Author Profile Icon Karl Fosaaen
Karl Fosaaen
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Section 1: Understanding the Azure Platform and Architecture
2. Chapter 1: Azure Platform and Architecture Overview FREE CHAPTER 3. Chapter 2: Building Your Own Environment 4. Chapter 3: Finding Azure Services and Vulnerabilities 5. Section 2: Authenticated Access to Azure
6. Chapter 4: Exploiting Reader Permissions 7. Chapter 5: Exploiting Contributor Permissions on IaaS Services 8. Chapter 6: Exploiting Contributor Permissions on PaaS Services 9. Chapter 7: Exploiting Owner and Privileged Azure AD Role Permissions 10. Chapter 8: Persisting in Azure Environments 11. Other Books You May Enjoy

Extracting data from Azure VMs

We now have a good understanding of many of the options that we have for manipulating Azure VMs as a Contributor. With this access, we will want to start gathering sensitive information and credentials from these VMs, to escalate privileges in the tenant and, potentially, the AD domain.

Here are some of the general types of information that we will want to gather from the VMs:

  • Windows NTLM hashes and in-memory credentials
  • Credentials stored in VM extension settings
  • Sensitive files and local administrator password hashes

We have already covered finding managed identities and gathering tokens from them, but they are also a key target for extracting credential data from VMs.

Gathering local credentials with Mimikatz

While an entire book could be written on all the features of Mimikatz, we will just cover the basics that are needed for extracting credentials from Windows VMs. The most basic way of running Mimikatz is running...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime