Storage Account 04 - Connection String

Connection String

信息

Scenario

A connection string is one way to access a storage account without credentials. Let's make the most use of the one provided to use and find the flag.

Overview

What is a connection string?

A connection string in the Azure storage account is a string that contains the necessary details to create a connection between the application and the Azure storage account. It contains the authentication credentials and other necessary details to access the storage account.

Hint

• Storage account can be accessed via a connection string.

Impact

• A leak of the connection string for an Azure storage account can have a significant security impact. It can be used for unauthorized access to the storage account, which may lead to data breach, account compromise, increased attack surface, and loss of control. Changing account credentials takes a considerable amount of time, disrupting workflow in the process.

Reference

• Storage Blob Docs
• Azure Storage Explorer
• Storage connection strings

题目给出了 ConnectionString 信息，可以用于直接连接储存账户

输入 ConnectionString 进行连接

即可得到flag

Flags

What type of credential did we use to connect to the storage account? (Access key or connection string)

connection string

What is the flag value?

kswhcmqupz7525041dzxfjwlksn7752514asuxejgp736asvemowk736