Skip to content

Commit

Permalink
Merge pull request #111 from JaimePolop/patch-12
Browse files Browse the repository at this point in the history 
Create az-queue-enum.md
  • Loading branch information
@carlospolop
carlospolop authored Nov 27, 2024
2 parents 84911fe + 70daf2a commit 1269219
Showing 1 changed file with 109 additions and 0 deletions.
109 changes: 109 additions & 0 deletions pentesting-cloud/azure-security/az-services/az-queue-enum.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
# Az - Queue Enum

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../.gitbook/assets/image (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/image (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../.gitbook/assets/image (2).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/image (2).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

## Queue

Azure Queue Storage is a service in Microsoft's Azure cloud platform designed for message queuing between application components, enabling asynchronous communication and decoupling. It allows you to store an unlimited number of messages, each up to 64 KB in size, and supports operations such as creating and deleting queues, adding, retrieving, updating, and deleting messages, as well as managing metadata and access policies. While it typically processes messages in a first-in-first-out (FIFO) manner, strict FIFO is not guaranteed. It is commonly used for managing workflows, processing tasks, and offloading tasks to improve application scalability and reliability.

### Enumeration

{% tabs %}
{% tab title="Bash" %}
```bash
# You need to know the --account-name of the storage (az storage account list)
az storage queue list --account-name <storage_account>

# Queue Metadata
az storage queue metadata show --name <queue_name> --account-name <storage_account>

#Get ACL
az storage queue policy list --queue-name <queue_name> --account-name <storage_account>

# Get Messages (getting a message deletes it)
az storage message get --queue-name <queue_name> --account-name <storage_account>

# Peek Messages
az storage message peek --queue-name <queue_name> --account-name <storage_account>
```
{% endtab %}

{% tab title="PS" %}
```bash
# Get the Storage Context
$storageAccount = Get-AzStorageAccount -ResourceGroupName QueueResourceGroup -Name queuestorageaccount1994
$ctx = $storageAccount.Context

# Set Variables for Storage Account
$storageAccountName = "queuestorageaccount"

# List Queues
Get-AzStorageQueue -Context $context
$queueName = "myqueue"

# Retrieve a specific queue
$queue = Get-AzStorageQueue -Name $queueName -Context $context
$queue # Show the properties of the queue

# Retrieve the access policies for the queue
$accessPolicies = Get-AzStorageQueueStoredAccessPolicy -Context $context -QueueName $queueName
$accessPolicies

# Peek Messages
$queueMessage = $queue.QueueClient.PeekMessage()
$queueMessage.Value

# Set the amount of time you want to entry to be invisible after read from the queue
# If it is not deleted by the end of this time, it will show up in the queue again
$visibilityTimeout = [System.TimeSpan]::FromSeconds(10)

# Read the messages from the queue, then show the contents of the messages.
$queueMessage = $queue.QueueClient.ReceiveMessages(1,$visibilityTimeout)
$queueMessage.Value
```
{% endtab %}
{% endtabs %}

### Privilege Escalation

{% content-ref url="../az-services/az-queue-privesc.md" %}
[az-queue-privesc.md](../az-services/az-queue-privesc.md)
{% endcontent-ref %}

### Post Exploitation

{% content-ref url="../az-post-exploitation/az-queue-post-exploitation.md" %}
[az-queue-post-exploitation.md](../az-post-exploitation/az-queue-post-exploitation.md)
{% endcontent-ref %}

### Persistence

{% content-ref url="../az-persistence/az-sqs-persistence.md" %}
[az-sqs-persistence.md](../az-persistence/az-queue-persistance.md)
{% endcontent-ref %}

## References

* https://learn.microsoft.com/en-us/azure/storage/queues/storage-powershell-how-to-use-queues
* https://learn.microsoft.com/en-us/rest/api/storageservices/queue-service-rest-api
* https://learn.microsoft.com/en-us/azure/storage/queues/queues-auth-abac-attributes

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

0 comments on commit 1269219

Please sign in to comment.