More Adventures in Azure Privilege Escalation

With the increase in hybrid cloud adoption, that extends traditional active directory domain environments into Azure, penetration tests and red team assessments are more frequently bringing Azure tenants into the engagement scope. Attackers are often finding themselves with an initial foothold in Azure, but lacking in ideas on what an escalation path would look like.

This talk will cover some of the common initial Azure access vectors, along with a handful of escalation paths for getting full control over an Azure tenant. In addition to this, we will cover some techniques for maintaining that privileged access after an initial escalation. Throughout each section, we will cover some of the tools that can be used to help identify and exploit the issues outlined in this talk. Since this is an evolving field of security research, and new attacks are coming out all the time, there will be plenty of additional content for those that saw the initial version of this talk.