Last active
March 13, 2024 22:27
-
-
Save rootsecdev/994ff3dd7f18bbaff62abd1d979b1925 to your computer and use it in GitHub Desktop.
Oauth Audit bypass to graph
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Install AZ CLI: | |
az login --allow-no-subscription | |
Install MS Graph: | |
Install-Module Microsoft.Graph -Scope AllUsers | |
Install MSIdentityTools: | |
Install-Module MSIdentityTools | |
Install Import Excel Module: | |
Install-Module ImportExcel | |
Login to AZ CLI: | |
az login --allow-no-subscription | |
Convert Access token to json: | |
$graphAccessUserAsAll = az account get-access-token --scope="https://graph.microsoft.com/Directory.AccessAsUser.All" | ConvertFrom-Json | |
Convert json access token to secure string: | |
$securePassword = ConvertTo-SecureString -String $graphAccessUserAsAll.accessToken -AsPlainText -Force | |
Connect to Graph: | |
Connect-MgGraph -AccessToken $securePassword | |
Run Report: | |
Export-MsIdAppConsentGrantReport -ReportOutputType ExcelWorkbook -ExcelWorkbookPath .\AppConsent.xlsx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment