apps username

carlospolop · carlospolop · commit 15a76b9bafaf · 2025-05-09T13:14:54.000+02:00
diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.md
@@ -129,9 +129,15 @@ Note how the **credentials are the same** as in the previous command.
 - Another option would be to **set you own creds** and use them:
 
 ```bash
+# Show if any user is configured (password won't be shown)
+az webapp deployment user show
+
+# Set your own credentials
 az webapp deployment user set \
     --user-name hacktricks \
     --password 'W34kP@ssw0rd123!'
+
+# To delete it, check https://stackoverflow.com/questions/45275329/remove-deployment-credentials-from-azure-webapp
 ```
 
 Then, you can use this credentials to **access the SCM and FTP platforms**. This is also a great way to maintain persistence.
diff --git a/src/pentesting-cloud/azure-security/az-services/az-app-services.md b/src/pentesting-cloud/azure-security/az-services/az-app-services.md
@@ -180,6 +180,10 @@ az webapp conection list --name <name> --resource-group <res-group>
 
 # Get hybrid-connections of a webapp
 az webapp hybrid-connections list --name <name> --resource-group <res-group>
+
+# Get configured SMC users by your account
+az webapp deployment user show
+## If any user is created, the username should appear in the "publishingUserName" field
 ```
 
 {{#endtab }}
diff --git a/src/pentesting-cloud/azure-security/az-services/az-function-apps.md b/src/pentesting-cloud/azure-security/az-services/az-function-apps.md
@@ -67,7 +67,9 @@ The **system assigned** one will be a managed identity that **only the function*
 
 It's possible to use the [**PEASS scripts**](https://github.com/peass-ng/PEASS-ng) to get tokens from the default managed identity from the metadata endpoint. Or you could get them **manually** as explained in:
 
-{% embed url="https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html#azure-vm" %}
+{{#ref}}
+https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html#azure-vm
+{{#endref}}
 
 Note that you need to find out a way to **check all the Managed Identities a function has attached** as if you don't indicate it, the metadata endpoint will **only use the default one** (check the previous link for more info).
 
