Skip to content

jsa2/legacyAuth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

src

src

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

main.js

main.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

readme.md

readme.md

 
 

remote.sh

remote.sh

 
 

scr.xml

scr.xml

 
 

Repository files navigation

Azure AD Legacy Auth CLI test client for Azure AD Security Assessments

Determine if Conditional Access is configured properly. This tool is alternative solution to MS Test Connectivity

img

License

READ HERE

⚠ Only use this tool if you know what you are doing

⚠ Always test the tool first in test environments, with non-sensitive data

Endpoints

Legacy SOAP endpoints detail
connectMsOnline simulates connect-msolService CMDLET
Application Microsoft Online Syndication Partner Portal
Application ID d176f6e7-38e5-40c9-8a78-3998aab820e7
connectSPO simulates legacy SPO access
Application Office 365 SharePoint Online
Application ID 00000003-0000-0ff1-ce00-000000000000
connectEWS simulates legacy EWS access
Client app Exchange Web Services

Running the tool

⚠️ While this tool does not store passwords (passwords are only retained in runtime) the recommendation is not to use privileged credentials. Always use read-only account, that is recommendation for any assessment use scenario

Install

  • Use Azure Cloud Shell (BASH), or WSL (Cloud Shell is prefered)
curl -o- https://raw.githubusercontent.com/jsa2/legacyAuth/public/remote.sh | bash

Running

cd legacyAuth
node main.js --u=admin@M365B322999.onmicrosoft.com --p='DemoPasswordToEmptyTenant!.1'

Reviewing logs

Authentication attempts are shown in non-interactive Azure AD logs

image

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages