From 35e4b4460cfb87838377825b75e48f7e21074583 Mon Sep 17 00:00:00 2001
From: Jaime Polop <117489620+JaimePolop@users.noreply.github.com>
Date: Wed, 27 Nov 2024 11:47:56 +0100
Subject: [PATCH] Create az-queue-persistance.md

---
 .../az-persistence/az-queue-persistance.md    | 69 +++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md

diff --git a/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md b/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md
new file mode 100644
index 0000000000..80e3829db5
--- /dev/null
+++ b/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md
@@ -0,0 +1,69 @@
+# Az - Queue Persistance
+
+{% hint style="success" %}
+Learn & practice AWS Hacking:<img src="../../.gitbook/assets/image (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/image (1) (1).png" alt="" data-size="line">\
+Learn & practice GCP Hacking: <img src="../../.gitbook/assets/image (2).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/image (2).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
+
+<details>
+
+<summary>Support HackTricks</summary>
+
+* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
+* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
+
+</details>
+{% endhint %}
+
+## Queue
+
+For more information check:
+
+{% content-ref url="../az-services/az-queue-enum.md" %}
+[az-queue-enum.md](../az-services/az-queue-enum.md)
+{% endcontent-ref %}
+
+
+
+### Actions: `Microsoft.Storage/storageAccounts/queueServices/queues/write`
+
+This permission allows an attacker to create or modify queues and their properties within the storage account. It can be used to create unauthorized queues, modify metadata, or change access control lists (ACLs) to grant or restrict access. This capability could disrupt workflows, inject malicious data, exfiltrate sensitive information, or manipulate queue settings to enable further attacks.
+
+{% code overflow="wrap" %}
+```bash
+az storage queue create --name <new-queue-name> --account-name <storage-account>
+
+az storage queue metadata update --name <queue-name> --metadata key1=value1 key2=value2 --account-name <storage-account>
+
+az storage queue policy set --name <queue-name> --permissions rwd --expiry 2024-12-31T23:59:59Z --account-name <storage-account>
+```
+{% endcode %}
+
+### Actions: `Microsoft.Storage/storageAccounts/queueServices/queues/setAcl/action`
+
+With this permission, an attacker can modify the access control list (ACL) of an Azure Storage Queue, which can be used with shared access signatures. This enables the attacker to grant themselves or other malicious users persistent access to the queue, even if legitimate access credentials are revoked. By maintaining unauthorized access, they could continuously monitor, manipulate, or exfiltrate data, ensuring their presence remains undetected and workflows are disrupted over time.
+
+{% code overflow="wrap" %}
+```bash
+az storage queue policy create \
+  --queue-name <QUEUE_NAME> \
+  --account-name <STORAGE_ACCOUNT_NAME> \
+  --account-key <STORAGE_ACCOUNT_KEY> \
+  --name <POLICY_NAME> \
+  --permission <PERMISSIONS> \
+  --start <START_TIME> \
+  --expiry <EXPIRY_TIME>
+```
+
+## References
+
+* https://learn.microsoft.com/en-us/azure/storage/queues/storage-powershell-how-to-use-queues
+* https://learn.microsoft.com/en-us/rest/api/storageservices/queue-service-rest-api
+* https://learn.microsoft.com/en-us/azure/storage/queues/queues-auth-abac-attributes
+
+* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
+* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
+
+</details>
+{% endhint %}