Back to directory
WRITEUP #1681

Azure Active Directory Flaw Allowed SAML Persistence

CloudAzure ADSAMLSSO
by@Secureworks(Secureworks Counter Threat Unit)
Program
Microsoft (Azure)
Published
Jan 18, 2023
Added to HackDex
May 8, 2023
Read Full Writeuphttps://www.secureworks.com/research/azure-active-directory-flaw-allowed-saml-persistence
RELATED WRITEUPS
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
Forced SSO Session Fixation
Auth BypassSSO
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE

Built with ❤️ by Shubham Rawat