26 C
Jaipur
Saturday, October 24, 2020

Microsoft Azure Bug Let Hackers Take Control Over on Azure Accounts

Must read

iPhone 12 Users Can Now Download OS Updates Over 5G Data

Apple finally introduced 5G support with the launch of its latest iPhone 12 series. Now, as iPhones support high-speed 5G networks, the Cupertino tech...

Check Out Oppo Find X2 League of Legends Special Edition Right Here

After much anticipation, Chinese phone maker, Oppo unveiled the second generation of its Find X series, the Oppo Find X2 and Find X2 Pro,...

apple: Apple fixes 6 malicious apps posing as Adobe Flash installers – Latest News

The malicious apps masquerading as Adobe Flash installer are not going to go away anytime soon as Apple has once again fixed six more...

Researchers discovered a critical vulnerability in Microsoft Azure named “BlackDirect” that allows attackers to take over the Azure user’s accounts and creating the Token with the victim’s permissions.

The vulnerability specifically affected Microsoft’s OAuth 2.0 applications that allow malicious attacker access and control a victim’s account

“OAuth is a protocol for authorization that is commonly used as a way for end-users to grant websites or applications access to their information from other websites without giving the website or app secrets or passwords.”

In the next generation, OAuth2 allows third-party applications to grant limited access to an HTTP service and accessing clients might be a website or mobile application.

OAuth applications trust domains and sub-domains are not registered on behalf of Microsoft, and it can be registered by anyone. by default, OAuth approved the applications request and are allowed to ask for “access_token.”.

Researchers found that the combination of these two factors makes it possible to produce action with the user’s permissions – including gaining access to Azure resources, AD resources and more.

“This vulnerability’s attack surface is very wide and its impact can be very powerful. By doing nothing more than clicking or visiting a website, the victim can experience the theft of sensitive data, compromised production servers, lost data, manipulation of data, encryption of all the organization’s data with ransomware and more.”

Exploiting the BlackDirect Vulnerability

To exploit the vulnerability, researchers initially have listed all the service principals in their account using the “Get-AzureADServicePrincipal” command.

Later they found the URL that allowed by Microsoft application, in which some of the URLs end with “.cloudapp.net”, “.azurewebsites.net” and .{vm_region}.cloudapp.azure.com,” these all the URL registered via Microsoft Azure portal.

Omer Tsarfati from cyberark said, “To make sure no real attackers could exploit this vulnerability, I registered every sub-domain that wasn’t already registered – 54 of them  That being said, there may be more sub-domains that aren’t listed.”

There are 3 following apps that are vulnerable for this account to take the attack.

“This vulnerability makes it much easier to compromise privileged users – whether through simple social engineering techniques or by infecting a website that the privileged users occasionally access.”

As a result, the attacker will compromise the entire domain and the organization’s Azure environment.

Proof of Concept Video:

You can read the complete technical analysis here.

Mitigation Steps

  1. Make sure that all the trusted redirect URIs configured in the application are under your ownership.
  2. Remove unnecessary redirect URIs.
  3. Make sure the permissions that the OAuth application asks for are the least privileged one it needs.
  4. Disable non-used applications.

Also Read:

StrandHogg – Hackers Aggressively Exploiting New Unpatched Android OS Vulnerability in Wide Using Malware

Most Critical Docker Vulnerability Let Hackers To Take Complete Control Over Host & All Containers Within It

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

iPhone 12 Users Can Now Download OS Updates Over 5G Data

Apple finally introduced 5G support with the launch of its latest iPhone 12 series. Now, as iPhones support high-speed 5G networks, the Cupertino tech...

Check Out Oppo Find X2 League of Legends Special Edition Right Here

After much anticipation, Chinese phone maker, Oppo unveiled the second generation of its Find X series, the Oppo Find X2 and Find X2 Pro,...

apple: Apple fixes 6 malicious apps posing as Adobe Flash installers – Latest News

The malicious apps masquerading as Adobe Flash installer are not going to go away anytime soon as Apple has once again fixed six more...

smart speaker: Global smart speaker market to reach 163 million units in 2021: Report – Latest News

Led by Amazon Alexa and Google Assistant powered devices, the global smart speaker market (including smart displays) is set to reach 163 million units...