In addition to the well-known Office 365 products, Microsoft also offers cloud infrastructures in the Azure Cloud. What is usually not taken into account is that both rely on the same user administration (Azure Active Directory). Misconfigurations, poor organisation of administration rights and non-observance of inheritance chains can therefore lead to serious security problems in both Office 365 and Azure infrastructures. In this presentation, NSIDE ATTACK LOGIC GmbH describes the theory of such attacks and shows one in practice: Through several escalation levels, an unprivileged cloud account gains control over the entire cloud infrastructure.
