Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Tokens and sensitive data are stored locally by Azure CLI, raising security concerns:
- Access Tokens: Stored in plaintext within `accessTokens.json`, located at `C:\Users\<username>\.Azure`.
- Subscription Information: `azureProfile.json`, in the same directory, holds subscription details.
- Log Files: The `ErrorRecords` folder within `.azure` might contain logs with exposed credentials, such as:
  - Executed commands with credentials embedded.
  - URLs accessed using tokens, potentially revealing sensitive information.
Azure PowerShell also stores tokens and sensitive data, which can be accessed locally:
- Access Tokens: `TokenCache.dat`, located at `C:\Users\<username>\.Azure`, stores access tokens in plaintext.
- Service Principal Secrets: These are stored unencrypted in `AzureRmContext.json`.
- Token Saving Feature: Users have the ability to persist tokens using the `Save-AzContext` command, which should be used cautiously to prevent unauthorized access.
Considering the storage of sensitive data in plaintext, it's crucial to secure these files and directories by:
- Limiting access rights to these files.
- Regularly monitoring and auditing these directories for unauthorized access or unexpected changes.
- Employing encryption for sensitive files where possible.
- Educating users about the risks and best practices for handling such sensitive information.
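One way to act on the first two points, as an added example that is not part of the original page: a PowerShell audit that finds the files named above in each local profile and lists which principals other than the owner have an Allow entry on them, without opening the files. The function name `Get-AzureCredentialFileAudit`, the `C:\Users` root and the trusted-principal list are assumptions made for the example.

```powershell
# Added example: audit the credential files named on this page for every local profile.
# Reports ownership, ACL entries and last write time; never opens or prints file contents.

# File and folder names come from the page; the trusted-principal list is an assumption.
$Artifacts = 'accessTokens.json', 'azureProfile.json', 'TokenCache.dat',
             'AzureRmContext.json', 'ErrorRecords'
$Trusted   = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators'

function Get-AzureCredentialFileAudit {
    param([string]$UsersRoot = 'C:\Users')   # assumed default profile root

    foreach ($userDir in Get-ChildItem -Path $UsersRoot -Directory -ErrorAction SilentlyContinue) {
        # Windows paths are case-insensitive, so this matches both .Azure and .azure
        $azureDir = Join-Path $userDir.FullName '.azure'
        if (-not (Test-Path -LiteralPath $azureDir)) { continue }

        foreach ($name in $Artifacts) {
            $path = Join-Path $azureDir $name
            if (-not (Test-Path -LiteralPath $path)) { continue }

            $item = Get-Item -LiteralPath $path -Force
            $acl  = Get-Acl  -LiteralPath $path

            # Allow entries for anyone who is neither the owner nor a trusted principal
            $extra = $acl.Access | Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                $_.IdentityReference.Value -ne $acl.Owner -and
                $_.IdentityReference.Value -notin $Trusted
            }

            [pscustomobject]@{
                Path            = $path
                Owner           = $acl.Owner
                LastWriteTime   = $item.LastWriteTime   # baseline for change monitoring
                OtherPrincipals = ($extra.IdentityReference.Value | Sort-Object -Unique) -join '; '
                NeedsReview     = [bool]$extra
            }
        }
    }
}

# Files that need review are listed first
Get-AzureCredentialFileAudit |
    Sort-Object NeedsReview -Descending |
    Format-Table -AutoSize -Wrap
```

Run it from an elevated session so other users' profiles are readable; comparing `LastWriteTime` between scheduled runs gives a simple signal for unexpected changes.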