Az - File Share Post Exploitation

Reading time: 3 minutes

File Share Post Exploitation

Kwa maelezo zaidi kuhusu file shares angalia:

Az - File Shares

Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read

Mtu mwenye ruhusa hii ataweza orodhesha faili ndani ya file share na kupakua faili ambazo zinaweza kuwa na taarifa nyeti.

# List files inside an azure file share
az storage file list \
--account-name <name> \
--share-name <share-name> \
--auth-mode login --enable-file-backup-request-intent

# Download an specific file
az storage file download \
--account-name <name> \
--share-name <share-name> \
--path <filename-to-download> \
--dest /path/to/down \
--auth-mode login --enable-file-backup-request-intent

Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write, Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action

Mtu mwenye ruhusa hii ataweza kuandika na kufuta faili katika sehemu za faili ambayo inaweza kumruhusu kuleta uharibifu au hata kupandisha mamlaka (kwa mfano, kufuta baadhi ya msimbo uliohifadhiwa katika sehemu ya faili):

az storage blob upload \
--account-name <acc-name> \
--container-name <container-name> \
--file /tmp/up.txt --auth-mode login --overwrite

*/delete

Hii itaruhusu kufuta faili ndani ya mfumo wa faili ulio shiriki ambao unaweza kuingilia baadhi ya huduma au kufanya mteja kupoteza taarifa muhimu.