Nytro Posted July 22, 2018 Report Posted July 22, 2018 MicroBurst A collection of scripts for assessing Microsoft Azure security Invoke-EnumerateAzureBlobs.ps1 PS C:> Get-Help Invoke-EnumerateAzureBlobs NAME: Invoke-EnumerateAzureBlobs SYNOPSIS: PowerShell function for enumerating public Azure Blobs and Containers. SYNTAX: Invoke-EnumerateAzureBlobs [[-Base] ] [[-OutputFile] ] [[-Permutations] ] [[-Folders] ] [[-BingAPIKey] ] [] DESCRIPTION: The function will check for valid .blob.core.windows.net host names via DNS. If a BingAPIKey is supplied, a Bing search will be made for the base word under the .blob.core.windows.net site. After completing storage account enumeration, the function then checks for valid containers via the Azure REST API methods. If a valid container has public files, the function will list them out. -------------------------- EXAMPLE 1 -------------------------- PS C:\>Invoke-EnumerateAzureBlobs -Base secure Found Storage Account - secure.blob.core.windows.net Found Storage Account - testsecure.blob.core.windows.net Found Storage Account - securetest.blob.core.windows.net Found Storage Account - securedata.blob.core.windows.net Found Storage Account - securefiles.blob.core.windows.net Found Storage Account - securefilestorage.blob.core.windows.net Found Storage Account - securestorageaccount.blob.core.windows.net Found Storage Account - securesql.blob.core.windows.net Found Storage Account - hrsecure.blob.core.windows.net Found Storage Account - secureit.blob.core.windows.net Found Storage Account - secureimages.blob.core.windows.net Found Storage Account - securestorage.blob.core.windows.net Found Container - hrsecure.blob.core.windows.net/NETSPItest Public File Available: https://hrsecure.blob.core.windows.net/NETSPItest/SuperSecretFile.txt Found Container - secureimages.blob.core.windows.net/NETSPItest123 RELATED LINKS: https://blog.netspi.com/anonymously-enumerating-azure-file-resources/ Sursa: https://github.com/NetSPI/MicroBurst 1 Quote
