Az - Intune

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Basic Information

Microsoft Intune is designed to streamline the process of app and device management. Its capabilities extend across a diverse range of devices, encompassing mobile devices, desktop computers, and virtual endpoints. The core functionality of Intune revolves around managing user access and simplifying the administration of applications and devices within an organization's network.

Cloud -> On-Prem

A user with Global Administrator or Intune Administrator role can execute PowerShell scripts on any enrolled Windows device. The script runs with privileges of SYSTEM on the device only once if it doesn't change, and from Intune it's not possible to see the output of the script.

Get-AzureADGroup -Filter "DisplayName eq 'Intune Administrators'"

Login into https://endpoint.microsoft.com/#home or use Pass-The-PRT
Go to Devices -> All Devices to check devices enrolled to Intune
Go to Scripts and click on Add for Windows 10.
Add a Powershell script
Specify Add all users and Add all devices in the Assignments page.

The execution of the script can take up to one hour.

References

https://learn.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

PreviousAz - Blob Storage NextAz - Key Vault

Last updated 4 months ago