AAD AzureAD GraphAPI Meetups OAuth2 Uncategorized

HelSec Azure AD write-up: Phishing on Steroids with Azure AD Consent Extractor

julkaissut Joosua Santasalo
Comments 0

Here is short summary of the Presentation slides and demo of the Azure AD Consent Extractor @HelSec

  1. Attackers sends OWA upgrade link
  2. Victim clicks the link and accepts the upgrade
  3. Victim is redirected back to OWA when hitting the attacking server
  4. Victim receives ”OWA upgrade complete” message to email
  5. Meanwhile the attacking server is enjoying its new privileges on the user account

See the attack in action

If you want to know more about the consent attack, you can read my previous blog post from 2018

This version is the updated version to the one I did in 2018

https://securecloud.blog/2018/10/02/demonstration-illicit-consent-grant-attack-in-azure-ad-office-365

0 comments on “HelSec Azure AD write-up: Phishing on Steroids with Azure AD Consent Extractor

Vastaa

Täytä tietosi alle tai klikkaa kuvaketta kirjautuaksesi sisään:

Gravatar
WordPress.com-logo

Olet kommentoimassa WordPress.com -tilin nimissä. Log Out /  Muuta )

Facebook-kuva

Olet kommentoimassa Facebook -tilin nimissä. Log Out /  Muuta )

Peruuta

Muodostetaan yhteyttä palveluun %s

%d bloggaajaa tykkää tästä: