Organizations are increasingly relying on cloud services from Azure, as there is native support from Microsoft. After obtaining Domain Admin privileges, it is essential to always think of attack paths or scenarios to escalate our privileges or describe the maximum impact. One such thing is escalating privileges to Azure Services. This talk would demonstrate attack paths for obtaining Global Administrator privileges on Azure AD from domain admin privilege on the on-premise network. Multiple domains can be registered under a single tenant, hence after obtaining global admin privileges on Azure it is possible for the adversary to gain administrative access over these domains.
About Filipi Pires
- Venkatraman K is a passionate Red Teamer currently working as Security Analyst in Cyber Security in India. He holds a couple of red team certifications like Certified Red Teaming Professional, Certified Red Team Expert etc. With over 4 years working in the different subdomains of cyber security, he constantly find myself engaged with learning, reading, discussing info-sec, participate in the CTF Challenges, conducting workshops and webinars on cybersecurity, participating in bug bounty programs, writing blogs and spent my weekend nights solving Red Team and Hackthebox Challenges.