diff --git a/GraphRunner.ps1 b/GraphRunner.ps1 index 8101852..cdc5030 100644 --- a/GraphRunner.ps1 +++ b/GraphRunner.ps1 @@ -518,7 +518,37 @@ function Invoke-InjectOAuthApp{ [Parameter(Position = 3, Mandatory = $False)] [object[]] $Tokens + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -532,7 +562,7 @@ function Invoke-InjectOAuthApp{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -545,6 +575,7 @@ function Invoke-InjectOAuthApp{ $access_token = $tokens.access_token $Headers = @{ Authorization = "Bearer $access_token" + "User-Agent" = $UserAgent } # Get Microsoft Graph Object ID @@ -918,11 +949,42 @@ function Invoke-DeleteOAuthApp{ [Parameter(Position = 0, Mandatory = $True)] [string] $ObjectID = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } $accessToken = $tokens.access_token $deleteUrl = "https://graph.microsoft.com/v1.0/applications/$ObjectID" $headers = @{ Authorization = "Bearer $accessToken" + "User-Agent" = $UserAgent } @@ -974,8 +1036,38 @@ Function Invoke-GraphOpenInboxFinder{ [Parameter(Position = 0, Mandatory = $true)] [string] $userlist = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($tokens){ $access_token = $tokens.access_token } @@ -1063,8 +1155,38 @@ Function Find-PermissiveCalendars{ [Parameter(Position = 2, Mandatory = $false)] [string] $OutFile = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($tokens){ $access_token = $tokens.access_token } @@ -1594,7 +1716,37 @@ Function Get-Inbox{ [Parameter(Position = 3, Mandatory = $false)] [string] $OutFile = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -1608,7 +1760,7 @@ Function Get-Inbox{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -1736,8 +1888,38 @@ Function Invoke-CreateInboxForwardingRule { $GraphRun, [switch] $PageResults + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + # Requires a graph token scoped with MailboxSettings.ReadWrite, so we need to authenticate with the Microsoft Teams client (1fec8e78-bce4-4aaf-ab1b-5451cc387264) # If we have a refresh token, we can leverage FOCI to refresh an access token with the correct scope if ($Tokens) { @@ -1780,6 +1962,7 @@ Function Invoke-CreateInboxForwardingRule { $headers = @{ "Authorization" = "Bearer $access_token" "Content-Type" = "application/json" + "User-Agent" = $UserAgent } $data = @{ @@ -1848,7 +2031,37 @@ function Get-TeamsApps{ [Parameter(Position = 0, Mandatory = $False)] [object[]] $Tokens + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if(!$Tokens){ if ($global:tokens){ $tokens = $global:tokens @@ -1862,7 +2075,7 @@ function Get-TeamsApps{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -1877,6 +2090,7 @@ function Get-TeamsApps{ $headers = @{ Authorization = "Bearer $access_token" "Content-Type" = "application/json" + "User-Agent" = $UserAgent } $teamsResponse = Invoke-RestMethod -Method Get -Uri "https://graph.microsoft.com/v1.0/me/joinedTeams" -Headers $headers @@ -1935,7 +2149,37 @@ function Get-TeamsChannels{ [Parameter(Position = 0, Mandatory = $False)] [object[]] $Tokens + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if(!$Tokens){ if ($global:tokens){ $tokens = $global:tokens @@ -1949,7 +2193,7 @@ function Get-TeamsChannels{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -2030,7 +2274,37 @@ function Get-ChannelUsersEnum{ [Parameter(Position = 2, Mandatory = $False)] [string] $Teams = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if(!$Tokens){ if ($global:tokens){ $tokens = $global:tokens @@ -2044,7 +2318,7 @@ function Get-ChannelUsersEnum{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -2162,7 +2436,37 @@ function Get-ChannelEmail{ [Parameter(Position = 2, Mandatory = $False)] [string] $Teams = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if(!$Tokens){ if ($global:tokens){ $tokens = $global:tokens @@ -2176,7 +2480,7 @@ function Get-ChannelEmail{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -2380,7 +2684,37 @@ function Find-ChannelEmails{ [Parameter(Position = 0, Mandatory = $False)] [object[]] $Tokens + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if(!$Tokens){ if ($global:tokens){ $tokens = $global:tokens @@ -2394,7 +2728,7 @@ function Find-ChannelEmails{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -2469,7 +2803,37 @@ function Get-Webhooks{ [Parameter(Position = 0, Mandatory = $False)] [object[]] $Tokens + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if(!$Tokens){ if ($global:tokens){ $tokens = $global:tokens @@ -2483,7 +2847,7 @@ function Get-Webhooks{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -2735,7 +3099,37 @@ function Create-Webhook{ [Parameter(Position = 4, Mandatory = $True)] [ValidateSet("IncomingWebhook","Jira","Jenkins","AzureDevOps")] [String]$ConnectorType + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if(!$Tokens){ if ($global:tokens){ $tokens = $global:tokens @@ -2749,7 +3143,7 @@ function Create-Webhook{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -3177,7 +3571,37 @@ function Get-TeamsChat{ [Parameter(Position = 0, Mandatory = $false)] [object[]] $Tokens = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -3195,6 +3619,7 @@ function Get-TeamsChat{ $headers = @{ "Authorization" = "Bearer $access_token" "Content-Type" = "application/json" + "User-Agent" = $UserAgent } @@ -5071,8 +5496,38 @@ Function Invoke-DumpApps{ [string]$OutFile = "", [Parameter(Mandatory = $False)] [switch]$SkipMicrosoftOwnedSPs + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ if(!$GraphRun){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." @@ -5088,7 +5543,7 @@ Function Invoke-DumpApps{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -5104,6 +5559,7 @@ Function Invoke-DumpApps{ "Authorization" = "Bearer $accessToken" "Content-Type" = "application/json" "Accept" = "application/json" + "User-Agent" = $UserAgent } $warnings = @() @@ -5331,6 +5787,23 @@ function Get-SecurityGroups{ $RefreshInterval = (60 * 10) # 10 minutes ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if ($SecurityOnly -and $M365Only) { Write-Host -ForegroundColor Red "[*] Please use either -SecurityOnly or -M365Only, not both at the same time." return @@ -5350,7 +5823,7 @@ function Get-SecurityGroups{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor Yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -5365,6 +5838,7 @@ function Get-SecurityGroups{ [string]$refreshToken = $tokens.refresh_token $headers = @{ Authorization = "Bearer $accessToken" + "User-Agent" = $UserAgent } if ($SecurityOnly) { @@ -5495,8 +5969,38 @@ function Get-DirectoryRoles{ [string] $OutputFile = "directory_roles.csv", [Parameter(Mandatory = $False)] [switch] $GraphRun + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if ($Tokens) { if (!$GraphRun) { Write-Host -ForegroundColor Yellow "[*] Using the provided access tokens." @@ -5510,7 +6014,7 @@ function Get-DirectoryRoles{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor Yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -5524,6 +6028,7 @@ function Get-DirectoryRoles{ $accessToken = $tokens.access_token $headers = @{ Authorization = "Bearer $accessToken" + "User-Agent" = $UserAgent } if (!$GraphRun) { @@ -5698,8 +6203,38 @@ function Invoke-DeleteGroup { $groupId, [object[]] $Tokens = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -5713,7 +6248,7 @@ function Invoke-DeleteGroup { $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -5732,6 +6267,7 @@ function Invoke-DeleteGroup { $headers = @{ "Authorization" = "Bearer $accessToken" "Content-Type" = "application/json" + "User-Agent" = $UserAgent } try { @@ -5766,8 +6302,38 @@ function Invoke-SecurityGroupCloner{ [Parameter(Position = 0, Mandatory = $False)] [object[]] $Tokens = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -5781,7 +6347,7 @@ function Invoke-SecurityGroupCloner{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -5796,6 +6362,7 @@ function Invoke-SecurityGroupCloner{ $headers = @{ Authorization = "Bearer $accessToken" + "User-Agent" = $UserAgent } $secgroups = Get-SecurityGroups -Tokens $tokens @@ -6085,8 +6652,38 @@ function Get-DynamicGroups{ [Parameter(Position = 0, Mandatory = $False)] [object[]] $Tokens = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -6100,7 +6697,7 @@ function Get-DynamicGroups{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -6120,6 +6717,7 @@ function Get-DynamicGroups{ $headers = @{ "Authorization" = "Bearer $accessToken" "Content-Type" = "application/json" + "User-Agent" = $UserAgent } $results = @() @@ -6227,8 +6825,38 @@ function Invoke-AddGroupMember { $userId, [object[]] $Tokens = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -6242,7 +6870,7 @@ function Invoke-AddGroupMember { $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -6314,8 +6942,38 @@ function Invoke-RemoveGroupMember { $userId, [object[]] $Tokens = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -6329,7 +6987,7 @@ function Invoke-RemoveGroupMember { $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -6408,8 +7066,38 @@ function Get-EntraIDGroupInfo { [string]$GroupList, # File path to a text file with group names and guids exported from Get-UpdatableGroups [string]$GroupName, # Specific group name to lookup [string]$GroupGUID # Specific group guid to lookup + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -6423,7 +7111,7 @@ function Get-EntraIDGroupInfo { $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -6438,6 +7126,7 @@ function Get-EntraIDGroupInfo { $headers = @{ 'Authorization' = "Bearer $accesstoken" + "User-Agent" = $UserAgent } if ($GroupName){ @@ -6609,7 +7298,37 @@ function Invoke-InviteGuest{ [object[]] $Tokens = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -6623,7 +7342,7 @@ function Invoke-InviteGuest{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -6633,9 +7352,9 @@ function Invoke-InviteGuest{ } } } - $accesstoken = $tokens.access_token - [string]$refreshToken = $tokens.refresh_token - $headers = @{"Authorization" = "Bearer $accesstoken"} + $accesstoken = $tokens.access_token + [string]$refreshToken = $tokens.refresh_token + $headers = @{"Authorization" = "Bearer $accesstoken"; "User-Agent" = $UserAgent} # Construct the Graph API endpoint $graphApiUrl = "https://graph.microsoft.com/v1.0" $orginfo = Invoke-RestMethod -Uri "$graphApiUrl/organization" -Headers $headers @@ -7655,8 +8374,38 @@ function Invoke-SearchUserAttributes { [Parameter(Position = 0, Mandatory = $True)] [string] $SearchTerm = "" + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if ($Tokens) { Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } else { @@ -7669,7 +8418,7 @@ function Invoke-SearchUserAttributes { $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -7684,6 +8433,7 @@ function Invoke-SearchUserAttributes { $headers = @{ Authorization = "Bearer $accessToken" + "User-Agent" = $UserAgent } $usersEndpoint = "https://graph.microsoft.com/v1.0/users" @@ -7805,8 +8555,38 @@ Function Invoke-SearchMailbox{ $GraphRun, [switch] $PageResults + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ if(!$GraphRun){ @@ -7823,7 +8603,7 @@ Function Invoke-SearchMailbox{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -7842,6 +8622,7 @@ Function Invoke-SearchMailbox{ $headers = @{ "Authorization" = "Bearer $access_token" "Content-Type" = "application/json" + "User-Agent" = $UserAgent } function Get-MailboxSearchHeaderValue { @@ -8347,8 +9128,38 @@ function Get-SharePointSiteURLs{ [Parameter(Position = 2, Mandatory = $False)] [int] $MaxSites = 0 + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ Write-Host -ForegroundColor yellow "[*] Using the provided access tokens." } @@ -8362,7 +9173,7 @@ function Get-SharePointSiteURLs{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -8391,6 +9202,7 @@ function Get-SharePointSiteURLs{ $headers = @{ "Authorization" = "Bearer $accessToken" + "User-Agent" = $UserAgent } Write-Host -ForegroundColor yellow "[*] Now getting SharePoint site URLs..." @@ -8879,8 +9691,38 @@ function Invoke-SearchTeams{ $OutFile = "", [switch] $GraphRun + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + if($Tokens){ #Suppressing output if GraphRun module is used if (!$GraphRun){ @@ -8897,7 +9739,7 @@ function Invoke-SearchTeams{ $answer = $answer.ToLower() if ($answer -eq "yes" -or $answer -eq "y") { Write-Host -ForegroundColor yellow "[*] Running Get-GraphTokens now..." - $tokens = Get-GraphTokens -ExternalCall + $tokens = Get-GraphTokens -ExternalCall -ClientID $ClientID -Device $Device -Browser $Browser $auth = "Yes" } elseif ($answer -eq "no" -or $answer -eq "n") { Write-Host -ForegroundColor Yellow "[*] Quitting..." @@ -9140,8 +9982,38 @@ function Invoke-CreateCalendarEvent { [Parameter()] [string[]]$Attendees = @() + +, + [Parameter(Mandatory = $False)] + [String] + $ClientID = "d3590ed6-52b3-4102-aeff-aad2292ab01c", + [Parameter(Mandatory = $False)] + [ValidateSet('Mac','Windows','AndroidMobile','iPhone')] + [String] + $Device = "Windows", + [Parameter(Mandatory = $False)] + [ValidateSet('Android','IE','Chrome','Firefox','Edge','Safari')] + [String] + $Browser = "Edge" ) + if ($Device) { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Device $Device -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent -Device $Device + } + } + else { + if ($Browser) { + $UserAgent = Invoke-ForgeUserAgent -Browser $Browser + } + else { + $UserAgent = Invoke-ForgeUserAgent + } + } + try { # Set the Microsoft Graph API endpoint for creating events $uri = "https://graph.microsoft.com/v1.0/me/events" @@ -9150,6 +10022,7 @@ function Invoke-CreateCalendarEvent { $headers = @{ "Authorization" = "Bearer $($Tokens.access_token)" "Content-Type" = "application/json" + "User-Agent" = $UserAgent } # Create the event data in a structured format