A Penetration Tester’s Guide to the Azure Cloud
(45 mins) Apostolos Mastoris — The wide adoption and the benefits of cloud computing has led many users and enterprises to move their applications and infrastructure towards the Cloud. However, the nature of the Cloud introduces new security challenges, therefore organizations are required to ensure that such hosted deployments do not expose them to additional risk. Auditing cloud services has become an essential task and, in order to carry out such assessments, familiarization with certain components of the target environments is required. This talk will provide insight into the Microsoft Azure Cloud service and present practical advice on performing security assessments on Azure-hosted deployments. More specifically, it will demystify the main components of a cloud service and dive further into Azure-specific features. The main security controls and configurations associated with each of the mainstream Azure components will also be explored. Areas that will be covered include role-based security, secure networking features, perimeter security, encryption capability, auditing, and monitoring of activities within the Azure Cloud environment. Additionally, the talk will include the demonstration of a new tool that uses the Azure PowerShell cmdlets to collect verbose information about the main components within a deployment. The tool also provides functionality to visualize the components within a network infrastructure using an interactive representation of the topology and the associations between the deployment’s components.
And yesterday I saw that Azurite (the tool) was released! So let’s take a look at how this looks when running this against one of my lab environments.
Before engaging, be sure to have the following requisites on your system ;
- Download and install the Azure PowerShell Cmdlets
- Download and install Python 2.7
- Download and install Firefox
- Clone the repository : git clone https://github.com/mwrlabs/Azurite.git
Let’s get into the action!
The summary of command’s we’ll be handling ;
# PS> Import-Module AzureRM # PS> Import-Module ./AzuriteExplorer.ps1 # PS> Review-AzureRmSubscription # CMD> C:\python27\python.exe AzuriteVisualizer.py azure-subscription__.json
Basically, ensure that the resource manager module is loaded and import the custom Azurite module. Afterwards startup the cmdlet “Review-AzureRmSubscription”; where you’ll enter your credential and select the targeted subscription.
Once done, use python toe parse the extracted json file. That’ll generate an “AzuriteVisualizer.html”-document. Open the latter with Firefox to see a nice visualization!
The screenshots of the action
Starting “Azurite Explorer”
Parsing the json file to generate the html
Taking a look at the output in Firefox