PenTest/privilege-escalation-awesome-scripts-suite
1
0
Fork 0
mirror of https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite.git synced 2025-12-06 09:01:29 +00:00
Code Issues Projects Releases Wiki Activity

update azure files with tokens

Browse Source
This commit is contained in:
Carlos Polop
2025-01-26 15:58:48 +01:00
parent 7cd9e6f78b
commit 092af1413d
1 changed files with 44 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
build_lists/sensitive_files.yaml
View File

@@ -1271,6 +1271,8 @@ search:
value: value:
config: config:
auto_check: True auto_check: True
exec:
- '(pwsh -Command "Save-AzContext -Path /tmp/az-context3489ht.json" && cat /tmp/az-context3489ht.json && rm /tmp/az-context3489ht.json) || echo_not_found "pwsh"'
files: files:
#- name: "credentials" #- name: "credentials"
@@ -1379,13 +1381,54 @@ search:
- common - common
- name: "AzureRMContext.json" - name: "AzureRMContext.json"
value:
bad_regex: "Id.*|Credential.*"
type: f
search_in:
- common
- name: "clouds.config"
value:
type: f
search_in:
- common
- name: "service_principal_entries.json"
value: value:
bad_regex: ".*" bad_regex: ".*"
type: f type: f
search_in: search_in:
- common - common
- name: "ErrorRecords" #Azure logs can contain creentials - name: "msal_token_cache.json"
value:
bad_regex: ".*"
type: f
search_in:
- common
- name: "msal_http_cache.bin"
value:
just_list_file: True
type: f
search_in:
- common
- name: "service_principal_entries.bin"
value:
just_list_file: True
type: f
search_in:
- common
- name: "msal_token_cache.bin"
value:
just_list_file: True
type: f
search_in:
- common
- name: "ErrorRecords" #Azure logs can contain crentials
value: value:
type: d type: d
search_in: search_in: