Lateral movement

Azure virtual machine with secrets in user_data attribute



User data is a set of scripts or other metadata that's inserted into an Azure virtual machine at provision time. Any application on the virtual machine can access the user data from the Azure Instance Metadata Service (IMDS) after provisioning. The user data is not protected by authentication or cryptography, so anyone with access to the machine can view it. A malicious actor may use the secrets to compromise additional assets in the account.
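A pre-deployment check for this finding, as an added example that is not part of the original page: it decodes a base64 `user_data` value and reports lines that look like embedded credentials. The rule patterns, the function names and the sample script are assumptions made for illustration; the credential values are fake.

```python
import base64
import binascii
import re

# Illustrative patterns (assumptions for this example, not an exhaustive rule set).
RULES = {
    "private_key": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "storage_account_key": re.compile(r"AccountKey=[A-Za-z0-9+/=]{20,}"),
    "sas_signature": re.compile(r"[?&]sig=[A-Za-z0-9%+/=]{20,}"),
    # Literal assignments only: values starting with "$" (variable references) are skipped.
    "credential_assignment": re.compile(
        r"(?i)\b[\w-]*(?:password|passwd|secret|token|api[_-]?key)[\w-]*"
        r"\s*[=:]\s*['\"]?[^\s'\"$]{6,}"
    ),
}


def decode_user_data(value: str) -> str:
    """Decode a base64 user_data value; fall back to the raw text if it is not base64."""
    try:
        return base64.b64decode(value, validate=True).decode("utf-8", errors="replace")
    except (binascii.Error, ValueError):
        return value


def find_secrets(user_data: str) -> list[tuple[int, str]]:
    """Return (line_number, rule_name) for each suspicious line in the decoded user data."""
    findings = []
    for lineno, line in enumerate(decode_user_data(user_data).splitlines(), start=1):
        for name, pattern in RULES.items():
            if pattern.search(line):
                findings.append((lineno, name))
    return findings


# Constructed sample: a provisioning script with embedded (fake) credentials.
SAMPLE_SCRIPT = """#!/bin/bash
export DB_PASSWORD="Example-Not-Real-123"
az storage blob download --connection-string "DefaultEndpointsProtocol=https;AccountName=examplestore;AccountKey=RkFLRUtFWUZBS0VLRVlGQUtFS0VZRkFLRUtFWQ==" -c cfg -n app.conf
echo "provisioned"
"""
SAMPLE_USER_DATA = base64.b64encode(SAMPLE_SCRIPT.encode()).decode()

if __name__ == "__main__":
    for lineno, rule in find_secrets(SAMPLE_USER_DATA):
        print(f"line {lineno}: {rule}")
```

Any finding means the value should move out of user data into a secret store that the VM reads with its own identity at runtime.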