> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# AZAvereContributor

> Any principal granted the Avere Contributor role, scoped to the affected VM, can reset the built-in administrator password on the VM.

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Abuse Info

The Avere Contributor role allows you to run SYSTEM commands on the VM

Via PowerZure:

* [Invoke-AzureRunCommand](https://powerzure.readthedocs.io/en/latest/Functions/operational.html#invoke-azureruncommand)
* [Invoke-AzureRunMSBuild](https://powerzure.readthedocs.io/en/latest/Functions/operational.html#invoke-azurerunmsbuild)
* [Invoke-AzureRunProgram](https://powerzure.readthedocs.io/en/latest/Functions/operational.html#invoke-azurerunprogram)

## Opsec Considerations

Because you’ll be running a command as the SYSTEM user on the Virtual Machine, the same opsec considerations for running malicious commands on any system should be taken into account: command line logging, PowerShell script block logging, EDR, etc.

## References

* [https://attack.mitre.org/tactics/TA0008/](https://attack.mitre.org/tactics/TA0008/)
* [https://attack.mitre.org/techniques/T1021/](https://attack.mitre.org/techniques/T1021/)
* [https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#avere-contributor](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#avere-contributor)