Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition, 6th Edition

CHAPTER 28 Hacking in Azure

In this chapter, we cover the following topics:

• How the Azure control plane and data plane work in relation to us breaking in

• How we can find Microsoft identities on Azure AD and take the accounts over

• How the system-assigned managed identities in Microsoft work and how can we use them

Microsoft’s cloud platform is known as Microsoft Azure. It is considered an infrastructure as a service (IaaS) platform, but Microsoft Azure didn’t start that way; it started as a platform as a service (PaaS) technology. As such, much of the original system was geared toward a multitenant experience with its user base. Microsoft’s cloud platform works differently from Amazon’s platform in subtle ways that, as an attacker, ...

Get Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition, 6th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition, 6th Edition by Allen Harper, Ryan Linn, Stephen Sims, Michael Baucom, Huascar Tejeda, Daniel Fernandez, Moses Frost

CHAPTER 28

Hacking in Azure

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly