Microsoft Azure: Dark Clouds and Weaponized Skies

Presented at Wild West Hackin' Fest 2019, Oct. 24, 2019, 2 p.m. (50 minutes).

**Abstract:** Reduced costs, scalability, and improved collaboration are among many of the reasons corporations are offloading infrastructure and application stacks into the cloud but not everything is a bright summer day in the wild wild west. While service providers do an amazing job at providing a huge selection of point-and-click deployments, there’s a new sheriff in town. While we are seeing a range of exploitable conditions with all cloud deployments, this presentation focuses on compromising and weaponizing Microsoft Azure as an old western outlaw would. By walking the audience through stages of a red team engagement we will systematically compromise, persist, and pivot using Microsoft Azure . By the end of the talk, attendees can expect to: * Find out how you probably already use Microsoft Azure and didn't know * Learn how some cloud security providers miss the mark * Sharpen your red team tradecraft to incorporate cloud infrastructure * Receive automated PowerShell scripts for mapping Microsoft Azure * Learn a novel technique for establishing an Azure C2 channel

Presenters:

• Mike Felch
• Beau Bullock

Links:

• https://wildwesthackinfest2019.sched.com/event/SYBs/microsoft-azure-dark-clouds-and-weaponized-skies

Similar Presentations:

• The Eleventh HOPE (2016) / A Penetration Tester's Guide to the Azure Cloud
• TROOPERS18 (2018) / All Your Cloud Are Belong To Us - Hunting Compromise in Azure
• DEF CON 30 (2022) / AzureGoat: Damn Vulnerable Azure Infrastructure Demo