Last active
December 9, 2021 15:40
This script will allow you to find all applications and service principals in Azure AD affected by https://aka.ms/CVE-2021-42306-AAD that need their keys to be rotated.
Install-Module AffectedKeyCredentials
Get-AffectedKeyCredentials -TenantId 0000-0000-0000-0000 -ObjectClass application -ScanAll
Get-AffectedKeyCredentials -TenantId 0000-0000-0000-0000 -ObjectClass servicePrincipal -ScanAll
Adding that this script WILL run in CloudShell from the browser, but not when I connect to Azure AD from Azure PowerShell running as admin. Because of all the warnings about .NET and the different modules needing to be installed, it doesn't seem likely to me that CloudShell was the recommended way to run it. (Could be wrong.) I haven't tried the CVE script from CloudShell yet.
Thanks for sharing the updates.
It sounds like a conflict of PowerShell modules. There are some suggestions in this thread: Azure/azure-powershell#9949
When I run this with my tenant id, I get: WARNING: Unable to find type [Microsoft.Azure.Commands.Profile.Utilities.CustomAssemblyResolver].
Get-AzAccessToken : The term 'Get-AzAccessToken' is not recognized as the name of a cmdlet, function, script file, or
operable program.
I checked out Global Admin role
I've already checked that .NET and the Azure modules are installed. Tried Install-Module -Name Az -AllowClobber based on a suggestion elsewhere, no change. Running PowerShell as admin as well.
The CVE script also fails, but that complains about characters in the script.