Chapter 5: Exploiting Contributor Permissions on IaaS Services
In the previous chapter of this book, we looked at options to escalate privileges from the Reader RBAC role to the Contributor role. We will go further in this chapter by looking at how we can leverage the permissions of the Contributor role to exploit Infrastructure as a Service (IaaS) workloads with the goals of escalating privileges and exfiltrating data. We will also cover how the Contributor role can be used to hunt for other credentials that could be used to move laterally within the environment beyond the normal scope of the Contributor access role.
Here are the main topics that we will cover:
- Reviewing the Contributor RBAC role
- Understanding Contributor IaaS escalation ...
Get Penetration Testing Azure for Ethical Hackers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.