*Test at your own risk
1.Use the Get-AzPasswords function to perform a dump of credentials for App Service:
Get-AzPasswords -AutomationAccounts N -StorageAccounts N -Keys N -ACR N -CosmosDB N - Verbose | Out-GridView
2.When prompted to select an Azure subscription, select your test Azure subscription and click OK.
3.In the resulting output, you should see credentials that were dumped from the App service configurations.
Now that we have access to the app service publish profile, we will see how these credentials can be used with the application.
Reference
https://github.com/cheahengsoon/Penetration-Testing-Azure-for-Ethical-Hackers
Top comments (0)