Maintaining Azure Persistence via Automation Accounts

Karl Fosaaen
September 12th, 2019

Maintaining Azure Persistence via Automation Accounts

In every penetration test that involves Azure, we want to escalate our privileges up to a global administrator of the tenant. Once we’ve escalated our privileges in an Azure tenant, we want to have the ability to maintain our access to each subscription and the tenant as a whole. Aside from the benefits of controlling […]

Scott Sutherland
August 5th, 2016

Establishing Registry Persistence via SQL Server with PowerUpSQL

In this blog I’ll show how to use PowerUpSQL to establish persistence (backdoor) via the Windows registry through SQL Server. I’ll also provide a brief overview of the xp_regwrite stored procedure. This should be interesting to pentesters and red teamers interested in some alternative ways to access the OS through SQL Server. An overview of […]

Scott Sutherland
April 11th, 2016

Maintaining Persistence via SQL Server – Part 2: Triggers

In this blog, I’ll show how three types of SQL Server triggers can be abused to maintain access to Windows environments.

Scott Sutherland
March 7th, 2016

Maintaining Persistence via SQL Server – Part 1: Startup Stored Procedures

In this blog I show how to use SQL Server startup stored procedures to maintain access to Windows environments and share a PowerShell script to automate the attack…