Fix missing populated parameters in SharePoint Online application

silverhack · Jun 20, 2024 · a6d821b · a6d821b
1 parent db04af6
commit a6d821b
Show file tree

Hide file tree

Showing 55 changed files with 574 additions and 9 deletions.
diff --git a/collectors/aad/msgraph/groups/Get-MonkeyAADGroup.ps1 b/collectors/aad/msgraph/groups/Get-MonkeyAADGroup.ps1
@@ -0,0 +1,132 @@
+# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+function Get-MonkeyAADGroup {
+<#
+        .SYNOPSIS
+		Collector to get information about groups from Microsoft Entra ID
+
+        .DESCRIPTION
+		Collector to get information about groups from Microsoft Entra ID
+
+        .INPUTS
+
+        .OUTPUTS
+
+        .EXAMPLE
+
+        .NOTES
+	        Author		: Juan Garrido
+            Twitter		: @tr1ana
+            File Name	: Get-MonkeyAADGroup
+            Version     : 1.0
+
+        .LINK
+            https://github.com/silverhack/monkey365
+    #>
+
+	[CmdletBinding()]
+	param(
+		[Parameter(Mandatory = $false,HelpMessage = "Background Collector ID")]
+		[string]$collectorId
+	)
+	begin {
+		#Collector metadata
+		$monkey_metadata = @{
+			Id = "aad0007";
+			Provider = "EntraID";
+			Resource = "EntraID";
+			ResourceType = $null;
+			resourceName = $null;
+			collectorName = "Get-MonkeyAADGroup";
+			ApiType = "MSGraph";
+			description = "Collector to get information about groups from Microsoft Entra ID";
+			Group = @(
+				"EntraID"
+			);
+			Tags = @{
+				"enabled" = $true
+			};
+			Docs = "https://silverhack.github.io/monkey365/";
+			ruleSuffixes = @(
+				"aad_groups"
+			);
+			dependsOn = @(
+
+			);
+		}
+		#Get Config
+		try {
+			$aadConf = $O365Object.internal_config.entraId.Provider.msgraph
+		}
+		catch {
+			$msg = @{
+				MessageData = ($message.MonkeyInternalConfigError);
+				callStack = (Get-PSCallStack | Select-Object -First 1);
+				logLevel = 'verbose';
+				InformationAction = $O365Object.InformationAction;
+				Tags = @('Monkey365ConfigError');
+			}
+			Write-Verbose @msg
+			break
+		}
+		$groups = $null
+	}
+	process {
+		$msg = @{
+			MessageData = ($message.MonkeyGenericTaskMessage -f $collectorId,"Microsoft Entra ID Groups Information",$O365Object.TenantID);
+			callStack = (Get-PSCallStack | Select-Object -First 1);
+			logLevel = 'info';
+			InformationAction = $O365Object.InformationAction;
+			Tags = @('EntraIDGroupInfo');
+		}
+		Write-Information @msg
+		$p = @{
+			APIVersion = $aadConf.api_version;
+			InformationAction = $O365Object.InformationAction;
+			Verbose = $O365Object.Verbose;
+			Debug = $O365Object.Debug;
+		}
+		$groups = Get-MonkeyMSGraphGroup @p
+	}
+	end {
+		if ($null -ne $groups) {
+			$domains.PSObject.TypeNames.Insert(0,'Monkey365.EntraID.GroupInfo')
+			[pscustomobject]$obj = @{
+				Data = $groups;
+				Metadata = $monkey_metadata;
+			}
+			$returnData.aad_groups = $obj;
+		}
+		else {
+			$msg = @{
+				MessageData = ($message.MonkeyEmptyResponseMessage -f "Microsoft Entra ID Groups Info",$O365Object.TenantID);
+				callStack = (Get-PSCallStack | Select-Object -First 1);
+				logLevel = "verbose";
+				InformationAction = $O365Object.InformationAction;
+				Verbose = $O365Object.Verbose;
+				Tags = @('EntraIDGroupEmptyResponse')
+			}
+			Write-Verbose @msg
+		}
+	}
+}
+
+
+
+
+
+
+
diff --git a/collectors/m365/SecurityCompliance/RBAC/Get-MonkeySeCompRoleManagement.ps1 b/collectors/m365/SecurityCompliance/RBAC/Get-MonkeySeCompRoleManagement.ps1
@@ -84,7 +84,7 @@ function Get-MonkeySeCompRoleManagement {
 				MessageData = ($message.MonkeyGenericTaskMessage -f $collectorId,"Security & Compliance role management",$O365Object.TenantID);
 				callStack = (Get-PSCallStack | Select-Object -First 1);
 				logLevel = 'info';
-				InformationAction = $InformationAction;
+				InformationAction = $O365Object.InformationAction;
 				Tags = @('SecCompRoleManagementInfo');
 			}
 			Write-Information @msg
@@ -193,7 +193,7 @@ function Get-MonkeySeCompRoleManagement {
 		}
 		elseif ($getExoGroups -eq $false) {
 			$msg = @{
-				MessageData = ("EXO groups for PurView disabled in configuration file for {0}",$O365Object.TenantID);
+				MessageData = ("EXO groups for PurView disabled in configuration file for {0}" -f $O365Object.TenantID);
 				callStack = (Get-PSCallStack | Select-Object -First 1);
 				logLevel = "verbose";
 				InformationAction = $O365Object.InformationAction;
@@ -204,7 +204,7 @@ function Get-MonkeySeCompRoleManagement {
 		}
 		else {
 			$msg = @{
-				MessageData = ($message.MonkeyEmptyResponseMessage -f "Security \\u0026 Compliance role management",$O365Object.TenantID);
+				MessageData = ($message.MonkeyEmptyResponseMessage -f "Security & Compliance role management",$O365Object.TenantID);
 				callStack = (Get-PSCallStack | Select-Object -First 1);
 				logLevel = "verbose";
 				InformationAction = $O365Object.InformationAction;

diff --git a/collectors/m365/microsoft_admin/general/Get-MonkeyM365CortanaAppConfig.ps1 b/collectors/m365/microsoft_admin/general/Get-MonkeyM365CortanaAppConfig.ps1
@@ -0,0 +1,126 @@
+# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+function Get-MonkeyM365CortanaAppConfig {
+<#
+        .SYNOPSIS
+		Collector to get information about cortana app settings in Microsoft 365
+
+        .DESCRIPTION
+		Collector to get information about cortana app settings in Microsoft 365
+
+        .INPUTS
+
+        .OUTPUTS
+
+        .EXAMPLE
+
+        .NOTES
+	        Author		: Juan Garrido
+            Twitter		: @tr1ana
+            File Name	: Get-MonkeyM365CortanaAppConfig
+            Version     : 1.0
+
+        .LINK
+            https://github.com/silverhack/monkey365
+    #>
+
+	[CmdletBinding()]
+	param(
+		[Parameter(Mandatory = $false,HelpMessage = "Background Collector ID")]
+		[string]$collectorId
+	)
+	begin {
+		#Collector metadata
+		$monkey_metadata = @{
+			Id = "m365admin004";
+			Provider = "Microsoft365";
+			Resource = "Microsoft365";
+			ResourceType = $null;
+			resourceName = $null;
+			collectorName = "Get-MonkeyM365CortanaAppConfig";
+			ApiType = "MSGraph";
+			description = "Collector to get information about cortana app settings in Microsoft 365";
+			Group = @(
+				"Microsoft365"
+			);
+			Tags = @{
+				"enabled" = $true
+			};
+			Docs = "https://silverhack.github.io/monkey365/";
+			ruleSuffixes = @(
+				"m365_cortana_app"
+			);
+			dependsOn = @(
+
+			);
+		}
+		#Get Config
+		try {
+			$aadConf = $O365Object.internal_config.entraId.Provider.msgraph
+		}
+		catch {
+			$msg = @{
+				MessageData = ($message.MonkeyInternalConfigError);
+				callStack = (Get-PSCallStack | Select-Object -First 1);
+				logLevel = 'verbose';
+				InformationAction = $O365Object.InformationAction;
+				Tags = @('Monkey365ConfigError');
+			}
+			Write-Verbose @msg
+			break
+		}
+		$app = $null
+	}
+	process {
+		$msg = @{
+			MessageData = ($message.MonkeyGenericTaskMessage -f $collectorId,"Microsoft MSGraph applications",$O365Object.TenantID);
+			callStack = (Get-PSCallStack | Select-Object -First 1);
+			logLevel = 'info';
+			InformationAction = $O365Object.InformationAction;
+			Tags = @('MSGraphApplicationInfo');
+		}
+		Write-Information @msg
+		$p = @{
+			APIVersion = $aadConf.api_version;
+            Filter = "appId eq '0a0a29f9-0a25-49c7-94bf-c53c3f8fa69d'";
+			InformationAction = $O365Object.InformationAction;
+			Verbose = $O365Object.Verbose;
+			Debug = $O365Object.Debug;
+		}
+		$app = Get-MonkeyMSGraphAADServicePrincipal @p
+	}
+	end {
+		if ($null -ne $app) {
+			$app.PSObject.TypeNames.Insert(0,'Monkey365.MSGraph.CortanaApp')
+			[pscustomobject]$obj = @{
+				Data = $app;
+				Metadata = $monkey_metadata;
+			}
+			$returnData.m365_cortana_app = $obj;
+		}
+		else {
+			$msg = @{
+				MessageData = ($message.MonkeyEmptyResponseMessage -f "Microsoft MSGraph applications",$O365Object.TenantID);
+				callStack = (Get-PSCallStack | Select-Object -First 1);
+				logLevel = "verbose";
+				InformationAction = $O365Object.InformationAction;
+				Verbose = $O365Object.Verbose;
+				Tags = @('MSGraphApplicationEmptyMessage')
+			}
+			Write-Verbose @msg
+		}
+	}
+}