Az - Management Groups, Subscriptions & Resource Groups

Reading time: 2 minutes

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

Power Apps

Power Apps can connect to on-premises SQL servers, and even if initially unexpected, there is a way to make this conection execute arbitrary SQL queries that could allow attackers to compromise on-prem SQL servers.

This is the recap from the post https://www.ibm.com/think/x-force/abusing-power-apps-compromise-on-prem-servers where you can find a detailed explanation of how to abuse Power Apps to compromise on-prem SQL servers:

  • A user creates an application that uses an on-prem SQL connection and shares it with everyone, either on purpose or inadvertently.
  • An attacker creates a new flow and adds a “Transform data with Power Query” action using the existing SQL connection.
  • If the connected user is a SQL admin or has impersonation privileges, or there are any privileged SQL links or cleartext credentials in databases, or you’ve obtained other privileged cleartext credentials, you can now pivot to an on-premises SQL server.

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks