f

2025-12-12 07:40:49 -08:00 · 2025-07-30 06:27:12 +02:00
parent f72768b30f
commit ebd15ccb63
14 changed files with 1 additions and 14 deletions
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/README.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/README.md
@@ -40,4 +40,3 @@ This section covers the pivoting techniques to move from a compromised Entra ID
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-arc-vulnerable-gpo-deploy-script.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-arc-vulnerable-gpo-deploy-script.md
@@ -70,4 +70,3 @@ At this point, we can gather the remaining information needed to connect to Azur

 {{#include ../../../banners/hacktricks-training.md}}

-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-kerberos-trust.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-kerberos-trust.md
@@ -85,4 +85,3 @@ This dumps all AD user password hashes, giving the attacker the KRBTGT hash (let
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.md
@@ -163,4 +163,3 @@ az rest \


 {{#include ../../../banners/hacktricks-training.md}}
-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.md
@@ -216,4 +216,3 @@ seamless-sso.md
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.md
@@ -87,4 +87,4 @@ while IFS=$'\t' read -r vm_name resource_group; do
 done <<< "$vm_list"
 ```

-{{#include ../../../banners/hacktricks-training.md}}
+{{#include ../../../banners/hacktricks-training.md}}
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.md
@@ -161,4 +161,3 @@ Open-AADIntOffice365Portal -ImmutableID "aodilmsic30fugCUgHxsnK==" -Issuer http:
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-hybrid-identity-misc-attacks.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-hybrid-identity-misc-attacks.md
@@ -29,4 +29,3 @@ In order to synchronize a new user from Entra ID to the on-prem AD these are the
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.md
@@ -61,4 +61,3 @@ curl -o <filename_output> -L -H "Authorization: Bearer <token>" '<@microsoft.gra
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-certificate.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-certificate.md
@@ -39,4 +39,3 @@ Main.py [-h] --usercert USERCERT --certpass CERTPASS --remoteip REMOTEIP
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-cookie.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-cookie.md
@@ -36,4 +36,3 @@ Just navigate to login.microsoftonline.com and add the cookie **`ESTSAUTHPERSIST

 {{#include ../../../banners/hacktricks-training.md}}

-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.md
@@ -365,4 +365,3 @@ curl -s -X POST \
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.md
@@ -105,4 +105,3 @@ seamless-sso.md
 {{#include ../../../banners/hacktricks-training.md}}


-
--- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/seamless-sso.md
+++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/seamless-sso.md
@@ -207,4 +207,3 @@ If the Active Directory administrators have access to Azure AD Connect, they can
 {{#include ../../../banners/hacktricks-training.md}}


-
				`@@ -40,4 +40,3 @@ This section covers the pivoting techniques to move from a compromised Entra ID`
				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -70,4 +70,3 @@ At this point, we can gather the remaining information needed to connect to Azur`

				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -85,4 +85,3 @@ This dumps all AD user password hashes, giving the attacker the KRBTGT hash (let`
				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -163,4 +163,3 @@ az rest \`


				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -216,4 +216,3 @@ seamless-sso.md`
				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -161,4 +161,3 @@ Open-AADIntOffice365Portal -ImmutableID "aodilmsic30fugCUgHxsnK==" -Issuer http:`
				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -29,4 +29,3 @@ In order to synchronize a new user from Entra ID to the on-prem AD these are the`
				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -61,4 +61,3 @@ curl -o <filename_output> -L -H "Authorization: Bearer <token>" '<@microsoft.gra`
				`{{#include ../../../banners/hacktricks-training.md}}`
				`@@ -39,4 +39,3 @@ Main.py [-h] --usercert USERCERT --certpass CERTPASS --remoteip REMOTEIP`
				`{{#include ../../../banners/hacktricks-training.md}}`
				@@ -36,4 +36,3 @@ Just navigate to login.microsoftonline.com and add the cookie **`ESTSAUTHPERSIST

				`{{#include ../../../banners/hacktricks-training.md}}`