Tags
ATT&CK Tactic
Execution (TA0002)
References
Last edited
May 19, 2024 11:38 AM
Status
Stub
Defenses
the Custom Script Extension Version 2 downloads and runs scripts on Azure virtual machines (VMs). This extension is useful for post-deployment configuration, software installation, or any other configuration or management task.
By utilizing the 'CustomScriptExtension' extension on a Virtual Machine, an attacker can pass PowerShell commands to the VM as SYSTEM.