We late performed an Azure Cloud Red squad Assessment where we were granted a basic reader role. In this talk we will be giving a detailed walkthrough of how we managed to execute enumeration over 2000+ Azure Services, 8000+ users, 3000+ Groups, 1500+ service principals, etc. with this minimal role.
This talk will aid you realize even with restricted environment due to Azure policies and Conditional access polices how we managed to gain privileged access on Azure services and on Azure AD components.
We will besides show how we managed to become an Owner over 25+ Azure Subscriptions and how we become Global Admin by pivoting to On-prem servers through Function Apps.
More: https://confidence-conference.org/
![[#105] Cyberprzestępczość - perspektywa prawno-karna - Zbigniew Krüger](https://i1.ytimg.com/vi/SzwplHxsBW8/maxresdefault.jpg)
