Extracting credentials from App Service

#azure #cloudsecurity #pentest

*Test at your own risk

1.Use the Get-AzPasswords function to perform a dump of credentials for App Service:

Get-AzPasswords -AutomationAccounts N -StorageAccounts N -Keys N -ACR N -CosmosDB N - Verbose | Out-GridView

2.When prompted to select an Azure subscription, select your test Azure subscription and click OK.

3.In the resulting output, you should see credentials that were dumped from the App service configurations.

Now that we have access to the app service publish profile, we will see how these credentials can be used with the application.

Reference
https://github.com/cheahengsoon/Penetration-Testing-Azure-for-Ethical-Hackers

Top comments (0)

The Power of Local Reviews: A Guide to SEO and Reputation Management

Anisha - Apr 19

zoomcamp data engineering project - part 1

Okibaba - Apr 19

How do I choose the right tile size for my kitchen tiles with BR-ceramics?

Bhupinder Rawat - Apr 19

My First DEV Challenge v24.03.20, Glam Up My Markup: Camp Activities_

Yashvi Chauhan - Apr 19

DEV Community