Az - Intune
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Basic Information
Microsoft Intune is designed to streamline the process of app and device management. Its capabilities extend across a diverse range of devices, encompassing mobile devices, desktop computers, and virtual endpoints. The core functionality of Intune revolves around managing user access and simplifying the administration of applications and devices within an organization's network.
Cloud -> On-Prem
A user with Global Administrator or Intune Administrator role can execute PowerShell scripts on any enrolled Windows device. The script runs with privileges of SYSTEM on the device only once if it doesn't change, and from Intune it's not possible to see the output of the script.
Login into https://endpoint.microsoft.com/#home or use Pass-The-PRT
Go to Devices -> All Devices to check devices enrolled to Intune
Go to Scripts and click on Add for Windows 10.
Add a Powershell script
Specify Add all users and Add all devices in the Assignments page.
The execution of the script can take up to one hour.
References
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Last updated