Pwned Labs - Azure Blob Container to Initial Access

Overview

We created this beginner-friendly lab to give an introduction to one of the most popular Azure services - Blob Storage, and show how attackers can use it to access secrets and get a foothold in a cloud environment.

Scenario

Mega Big Tech have adopted a hybrid cloud architecture and continues to use a local on-premise Active Directory domain, as well as the Azure cloud. They are wary of being targeted due to their importance in the tech world, and have asked your team to assess the security of their infrastructure, including cloud services. An interesting URL has been found in some public documentation, and you are tasked with assessing it.

Lab prerequisites

Basic Windows command line knowledge

Learning outcomes

Familiarity with the Azure CLI
Identification and enumeration of Azure Blob Container
Leverage blob previous version functionality to reveal secrets
Understand how this attack chain could have been prevented

Real-world context

There have been numerous examples over the years of data breaches resulting from misconfigured public Azure Blob storage (the Azure equivalent of an S3 bucket). While Azure offers robust security features, the responsibility to secure data in the cloud rests with the account holder.

Cloud Security Training To Protect Your Business

Pwned Labs for Business gives your team access to dedicated business content, including labs and cyber ranges.

We also offer in-person or remote workshops, and our cloud penetration services are helping businesses become more secure!

Find out more

Azure Blob Container to Initial Access

Cloud Security Training To Protect Your Business

Privacy Policy | Terms & Conditions