Links

Az - Intune

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

Basic Information

Microsoft Intune is designed to streamline the process of app and device management. Its capabilities extend across a diverse range of devices, encompassing mobile devices, desktop computers, and virtual endpoints. The core functionality of Intune revolves around managing user access and simplifying the administration of applications and devices within an organization's network.

Cloud -> On-Prem

A user with Global Administrator or Intune Administrator role can execute PowerShell scripts on any enrolled Windows device. The script runs with privileges of SYSTEM on the device only once if it doesn't change, and from Intune it's not possible to see the output of the script.
Get-AzureADGroup -Filter "DisplayName eq 'Intune Administrators'"
  1. 1.
    Login into https://endpoint.microsoft.com/#home or use Pass-The-PRT
  2. 2.
    Go to Devices -> All Devices to check devices enrolled to Intune
  3. 3.
    Go to Scripts and click on Add for Windows 10.
  4. 4.
    Add a Powershell script
  5. 5.
    Specify Add all users and Add all devices in the Assignments page.
The execution of the script can take up to one hour.

References

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: