NetSPI Blog

Jake Karnes

Jake has a B.S. in Computer Science from San Jose State University, and holds the GIAC Certified Incident Handler and Certified Ethical Hacker certifications. He specializes in web application penetration testing. Jake also contributes to the development of applications and tools for the NetSPI penetration testing team.

Jake Karnes
March 30th, 2020

Decrypting Azure VM Extension Settings with Get-AzureVMExtensionSettings

TL;DR If you’re a local admin on an Azure VM, run the Get-AzureVMExtensionSettings script from MicroBurst to decrypt VM extension settings and potentially view sensitive parameters, storage account keys and local Administrator username and password. Overview The Azure infrastructure needs a mechanism to communicate with and control virtual machines. All Azure Marketplace images have the […]

Jake Karnes
February 13th, 2020

Attacking Azure with Custom Script Extensions

PowerShell and Bash scripts are excellent tools for automating simple or repetitive tasks. Azure values this and provides several mechanisms for remotely running scripts and commands in virtual machines (VMs). While there are many practical, safe uses of these Azure features, they can also be used maliciously. In this post we’ll explore how the Custom […]