
Microsoft365 Device Code Phishing Framework

Project description

Solenya - M365 Device Code Phishing Framework

Solenya is a CLI tool that provides a framework for performing M365 device code phishing. Using the device authorization grant defined in RFC 8628, an attacker can perform a social engineering attack by instructing a target to register a malicious application using a device code.

Prerequisites

By default, Microsoft allows any user to add new applications to their M365 profile. Below is a screenshot of a fresh deployment of an Azure subscription.

[Screenshot: default_permissions]

Installation

The package requires Python 3.7 or higher.

Install the latest version from PyPI:

$ pip install solenya

Usage

Creating a Workspace

The wsp command initializes the WorkSpace. The tool uses an SQLite database to store target information. To create a workspace, run:

$ sol wsp <client_ID> -t <target_name>

Managing Targets

The target command adds targets and removes or resets existing ones. When run, it automatically contacts the Microsoft Online API to create a User Code and a Device Code, both of which are stored in the database.

$ sol target <target_names>

The switch command switches between active targets in the WorkSpace.

$ sol switch <target_name>

Gathering OAuth Access Tokens

The auth command authenticates targets registered with the WorkSpace. Run the phish subcommand and wait for your targets to enter the device code on their end.

$ sol auth phish --monitor --all

Once the Refresh and Access tokens are obtained, they are saved to the database. The Access token can be refreshed using the refresh command.

$ sol auth refresh --all
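
From the defender's side, the flow above leaves a trace in the tenant's sign-in logs. The following is an added example, not part of Solenya or this page: it scans sign-in records for completed device-code sign-ins by applications outside an allowlist, grouped by application so that one client ID authenticating several users stands out. The records are constructed, the field names (`authenticationProtocol`, `status.errorCode`, `appId`, `userPrincipalName`) assume the Microsoft Graph `signIn` schema, and the allowlist and function name are hypothetical.

```python
import json
from collections import defaultdict

# Constructed sign-in records (not real data). Field names assume the
# Microsoft Graph signIn schema; errorCode 0 marks a completed sign-in.
SAMPLE_SIGNINS = json.loads("""
[
 {"userPrincipalName": "alice@example.com", "appDisplayName": "Lobby Display",
  "appId": "00000000-0000-0000-0000-00000000000a",
  "authenticationProtocol": "deviceCode", "status": {"errorCode": 0}},
 {"userPrincipalName": "bob@example.com", "appDisplayName": "Document Viewer",
  "appId": "00000000-0000-0000-0000-00000000000b",
  "authenticationProtocol": "deviceCode", "status": {"errorCode": 0}},
 {"userPrincipalName": "carol@example.com", "appDisplayName": "Document Viewer",
  "appId": "00000000-0000-0000-0000-00000000000b",
  "authenticationProtocol": "deviceCode", "status": {"errorCode": 0}},
 {"userPrincipalName": "dave@example.com", "appDisplayName": "Document Viewer",
  "appId": "00000000-0000-0000-0000-00000000000b",
  "authenticationProtocol": "deviceCode", "status": {"errorCode": 99999}},
 {"userPrincipalName": "erin@example.com", "appDisplayName": "Mail Client",
  "appId": "00000000-0000-0000-0000-00000000000c",
  "authenticationProtocol": "oAuth2", "status": {"errorCode": 0}}
]
""")

# Hypothetical allowlist: app IDs the organisation expects to use device code flow.
APPROVED_DEVICE_CODE_APPS = {"00000000-0000-0000-0000-00000000000a"}


def unapproved_device_code_signins(signins, approved_app_ids):
    """Map each unapproved appId to the users who completed a device-code sign-in."""
    users_by_app = defaultdict(set)
    for record in signins:
        if record.get("authenticationProtocol") != "deviceCode":
            continue  # other protocols are out of scope for this check
        if record.get("status", {}).get("errorCode") != 0:
            continue  # nonzero code (constructed value here): sign-in did not complete
        app_id = record.get("appId")
        if app_id in approved_app_ids:
            continue  # expected device-code client, e.g. a shared display
        users_by_app[app_id].add(record.get("userPrincipalName", "unknown"))
    return {app: sorted(users) for app, users in users_by_app.items()}


if __name__ == "__main__":
    findings = unapproved_device_code_signins(SAMPLE_SIGNINS, APPROVED_DEVICE_CODE_APPS)
    for app_id, users in findings.items():
        print(f"{app_id}: {len(users)} user(s) -> {', '.join(users)}")
```

Where no workflow depends on device code flow, a Conditional Access policy that blocks it for the tenant removes the exposure this check looks for.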

Dumping Data

Once the target is authenticated, the dump command can be used to dump information from the Graph API.

$ sol dump emails --all

Exporting Targets

The information in the database can be exported using the export command.

$ sol export --all

Source Distribution

solenya-0.1.5.tar.gz (16.1 kB)

Built Distribution

solenya-0.1.5-py3-none-any.whl (28.1 kB)
