Breaking The Barriers

As an APT group targeting Azure, you've discovered a web app that creates admin users, but they are heavily restricted. To gain initial access, you've created a malicious OAuth app in your tenant and now seek to deploy it into the victim's tenant. Can you bypass the restrictions and capture the flag?

The shell environment has been preloaded with your malicious OAuth app credentials and the target web app endpoint as environment variables. Use 'env | grep AZURE' or 'echo $WEB_APP_ENDPOINT' to view them.

Good luck!


Author: Lior Sonntag

"Microsoft Entra ID (Azure AD) is a critical security boundary in modern cloud environments. This challenge simulates techniques observed in real-world APT campaigns, demonstrating how attackers can gain an initial foothold, exploit misconfigurations, and move laterally. A key objective is to familiarize players with unique Entra ID features and behaviors, highlighting how it operates differently from other identity platforms."
