Mastering Azure Enumeration: Techniques for Unauthenticated and Authenticated Hacking
Terminology-
- Tenant — An instance of Azure AD and represents a single organization.
- Azure AD Directory — Each tenant has a dedicated Directory. This is used to perform identity and access management functions for resources.
- Subscriptions — Subscriptions are used to pay for services. There can be multiple subscriptions in a Directory.
- Core Domain — The initial domain name `<tenant>.onmicrosoft.com` is the core domain. It is possible to define custom domain names too.
Managed Identity (similar to roles in AWS)-
- Azure provides the ability to assign Managed Identities to resources like app services, function apps, virtual machines, etc.
- A Managed Identity uses Azure AD tokens to access other resources (such as key vaults and storage accounts) that support Azure AD authentication.
- It is a service principal of a special type that can be used with Azure resources.
- Managed Identity can be system-assigned (tied to a resource and cannot be shared with other resources) or user-assigned (independent life cycle and can be shared across resources).
Unauthenticated-
Tenant Information — the `getuserrealm.srf` endpoint answers without any credentials and reports whether a domain is known to Azure AD and whether it is Managed or Federated:
https://login.microsoftonline.com/getuserrealm.srf?login=pswalia2u.onmicrosoft.com
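The realm lookup above returns JSON; the useful part is reading it correctly. The following is an added example, not code from the original post: it builds the same request for an arbitrary login and classifies the response by its `NameSpaceType` (`Managed`, `Federated`, or `Unknown` when the domain is not registered in any tenant). The sample responses embedded below are constructed to match the documented response shape; field names such as `AuthURL` and `FederationBrandName` are assumed from that shape, and the live fetch is only run when the script is executed directly, so the module stays offline-safe.

```python
"""Interpret the unauthenticated getuserrealm.srf response (added example)."""
import json
from urllib.parse import urlencode
from urllib.request import urlopen

REALM_ENDPOINT = "https://login.microsoftonline.com/getuserrealm.srf"

# Constructed sample bodies, shaped like real getuserrealm.srf answers.
SAMPLE_MANAGED = json.dumps({
    "State": 4, "UserState": 1, "Login": "user@contoso.onmicrosoft.com",
    "NameSpaceType": "Managed", "DomainName": "contoso.onmicrosoft.com",
    "FederationBrandName": "Contoso", "CloudInstanceName": "microsoftonline.com",
})
SAMPLE_FEDERATED = json.dumps({
    "State": 3, "UserState": 2, "Login": "user@contoso.example",
    "NameSpaceType": "Federated", "DomainName": "contoso.example",
    "FederationBrandName": "Contoso Corp",
    "AuthURL": "https://sts.contoso.example/adfs/ls/?username=user%40contoso.example",
})
SAMPLE_UNKNOWN = json.dumps({
    "State": 4, "UserState": 1, "Login": "nobody@no-such-tenant.example",
    "NameSpaceType": "Unknown",
})


def build_realm_url(login: str) -> str:
    """Reproduce the request from the post for any login value (URL-encoded)."""
    return REALM_ENDPOINT + "?" + urlencode({"login": login})


def classify_realm(body: str) -> dict:
    """Reduce a realm response to the facts an inventory needs.

    tenant_exists is True only for Managed or Federated namespaces; an
    Unknown namespace means no Azure AD tenant claims the domain.
    """
    data = json.loads(body)
    ns_type = data.get("NameSpaceType", "Unknown")
    return {
        "login": data.get("Login"),
        "namespace_type": ns_type,
        "tenant_exists": ns_type in ("Managed", "Federated"),
        "domain": data.get("DomainName"),
        "brand": data.get("FederationBrandName"),
        # Only federated domains hand back the on-premises STS endpoint.
        "federation_sts": data.get("AuthURL") if ns_type == "Federated" else None,
    }


def fetch_realm(login: str, timeout: float = 10.0) -> dict:
    """Live lookup; network access only happens when this is called."""
    with urlopen(build_realm_url(login), timeout=timeout) as resp:
        return classify_realm(resp.read().decode("utf-8"))


if __name__ == "__main__":
    # Offline demonstration over the constructed samples.
    for sample in (SAMPLE_MANAGED, SAMPLE_FEDERATED, SAMPLE_UNKNOWN):
        print(classify_realm(sample))
```

Run it against your own organization's domains first: a `Federated` answer tells you the STS hostname is publicly discoverable, and an `Unknown` answer for a domain you believe is yours means it has not been verified in any tenant, which is worth correcting before someone else registers it.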
Set-ExecutionPolicy bypass
Import-Module…