Chapter 6: Exploiting Contributor Permissions on PaaS Services

In the previous chapter, we explored how the Contributor role can be used to exploit Azure resources for Infrastructure as a Service (IaaS)-centered scenarios. We focused on how the Contributor role's credentials can be leveraged to escalate permissions to the Azure RBAC Owner role, hunt for other credentials, and exfiltrate data from virtual machines. In this chapter, we will explore how to achieve similar objectives for Platform as a Service (PaaS) scenarios. There will be some overlap of the general concepts in this chapter, but we will be focusing on how these concepts differ as they apply to PaaS scenarios.

In this chapter, we are going to cover the following main topics:

Get Penetration Testing Azure for Ethical Hackers now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Penetration Testing Azure for Ethical Hackers by David Okeyode, Karl Fosaaen

Chapter 6: Exploiting Contributor Permissions on PaaS Services

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly