Az - Permissions for a Pentest
Reading time: 2 minutes
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
To start a white box hardening review of some Entra ID tenats you need to ask for Global Reader
role on each tenant. Moreover, to perform a hardening review of different Azure subscriptions you would need at least the Reader
role over all the subscriptions.
Note that if those roles aren't enough to access all the info you need, you could also ask the client for roles with the permissions you need. Just try to minimize the amount of not read-only permissions you ask for!
Another option is to ask for Security Reader
role instead of Reader
if the client complaints to reduce the granted privileges. However, this increases the possibility of the pentester asking for more read roles later as the Reader
role grants "*/read"
while the Security Reader
role grants:
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/read",
"Microsoft.operationalInsights/workspaces/*/read",
"Microsoft.Resources/deployments/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Security/*/read",
"Microsoft.IoTSecurity/*/read",
"Microsoft.Support/*/read",
"Microsoft.Security/iotDefenderSettings/packageDownloads/action",
"Microsoft.Security/iotDefenderSettings/downloadManagerActivation/action",
"Microsoft.Security/iotSensors/downloadResetPassword/action",
"Microsoft.IoTSecurity/defenderSettings/packageDownloads/action",
"Microsoft.IoTSecurity/defenderSettings/downloadManagerActivation/action",
"Microsoft.Management/managementGroups/read"
]
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.