Azure vulnerable application

A vulnerable Azure architecture that is online 24/7. The environment provides several flags that can be found by exploiting Azure vulnerabilities.

Links

Link to tool is: https://brokenazure.cloud
File issues at: https://github.com/SecuraBV/brokenbydesign-azure/issues
Link to website source code is: https://github.com/SecuraBV/brokenbydesign-azure-website
Created by: https://www.secura.com/

Requirements for development

Azure CLI installed and in your $PATH
Terraform installed and in your $PATH
SQL Command line installed and in your $PATH
Azure Functions Core Tools installed and in your $PATH
OpenVPN to complete the challenges
sshpass installed and in your $PATH

Running the Terraform scripts

Login using the az login
Make sure the certificates (files/key.pem and files/cert.pem) are still valid, currently untill 2032.
Run terraform init to install required providers
Run terraform plan to see changes (You can also skip this step)
Run terraform apply to apply changes
If you want to destroy the environment, run Terraform destroy

Notes

Certificate and key expire Mar 19 14:36:57 2032 GMT
Make sure Security defaults is disabled (otherwise MFA is required on the DevOps user)
Error: The subscription is not registered to use namespace 'Microsoft.Sql' please run az provider register --namespace Microsoft.Sql
Error: The subscription is not registered to use namespace 'Microsoft.Web' please run az provider register --namespace Microsoft.Web

Issues / to do

DevOps user is able to modify own profile ex. password and MFA
- Run a runbook script every hour to reset password and MFA
DevOps user may leak IP adresses, geo-locations, browser version and OS type in profile settings
- Reset whole environment (or only user) to minimize leaked information
Maybe change cloudName (presented when logging in as service principal) to a flag?

Creating new certificates

Run openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem. Make sure to add the application-id and tenant-id to the cert.pem in format:

-----BEGIN AZURE_DETAILS-----
Tenant id: TENANT_ID_HERE
App-id: APP_ID_HERE
-----END AZURE_DETAILS-----

Name		Name	Last commit message	Last commit date
Latest commit History 20 Commits
files		files
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
main.tf		main.tf
variables.tf		variables.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

Azure vulnerable application

Links

Requirements for development

Running the Terraform scripts

Notes

Issues / to do

Creating new certificates

About

Uh oh!

Releases

Packages

Uh oh!

Contributors 3

Uh oh!

Languages

License

SecuraBV/brokenbydesign-azure

Folders and files

Latest commit

History

Repository files navigation

Azure vulnerable application

Links

Requirements for development

Running the Terraform scripts

Notes

Issues / to do

Creating new certificates

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors 3

Uh oh!

Languages

Packages