Tzah Pahima
Under the hood, up to something good :) Cloud Vulnerability Researcher @orcasec
Jun 14, 2022 11 tweets 4 min read
I was able to access thousands of companies’ passwords on #Azure and run code on their VMs.
This includes access to Microsoft’s own credentials… 💣

Here’s HOW I did it.
This is the story of #SynLapse. (1/11)

Looking at the Microsoft Azure bounty program, I noticed that “cross-tenant data leakage” in @azuresynapse is regarded as a high-impact scenario ❗️

The service queries data imported from customer sources (MySQL, CosmosDB, Amazon S3...)

How do you define a data source? (2/11)
May 9, 2022 4 tweets 2 min read
I was able to access #Azure user credentials and run code on other customers’ machines.
The vulnerability is called #SynLapse.

It was a vulnerability in Azure Synapse Analytics (@Azure_Synapse) & Azure Data Factory, exploiting a major flaw in the tenant separation.

(1/3)

Through access to an internal API server I was able to:
- Obtain access to other customers’ Synapse workspaces
- Perform API operations like adding/deleting resources
- Run code on their service machines
- Most importantly: leak all credentials they stored in the service.

(2/3)