Modules: Copilot M365 ‐ Dump

lanasalameh1 edited this page Aug 7, 2024 · 1 revision

Description

Data dump is a tool for exploring information in Microsoft 365 from a Red Team perspective.

  1. Extract email contents
  2. SharePoint site content enumeration and extraction
  3. Password and credential harvesting

Usage

powerpwn cli

  • Run the following command:
    powerpwn copilot dump --user {user} --password {password} --scenario {scenario} --verbose {verbosity level} --directory {whoami output directory}

If the access token is acquired successfully, it is cached in the local cache file tokens.json.

  • Run the copilot dump command with the following arguments to use the cached access token:
    powerpwn copilot dump --user {user} --cached-token --scenario {scenario} --verbose {verbosity level} --directory {whoami output directory}

Command Parameters

  • user: The email of the connected user. Required parameter.

  • password: The password of the connected account. Optional parameter.

  • scenario: The Copilot application to connect to: 'teamshub' for Teams or 'officeweb' for the Business Chat web application. Required parameter.

  • verbose: Verbosity level for logs written to a local file named 'session_{session_id}.log'. Options are 'off', 'mid' and 'full'. Default is 'off'.

  • cached-token: If present in the command arguments, the tool tries to use the cached access token if it exists; otherwise it falls back to user/password authentication if a password is provided.

  • directory: The output directory of the whoami command run.

Notice:
All command outputs are saved to the 'copilot_dump_{random execution GUID}' directory.
The final findings are saved to the file 'who_i_am_report.txt'.
The execution logs are saved to the file 'who_i_am_debug.log'.

python

from powerpwn.copilot.models.chat_argument import ChatArguments
from powerpwn.copilot.enums.copilot_scenario_enum import CopilotScenarioEnum
from powerpwn.copilot.enums.verbose_enum import VerboseEnum
from powerpwn.copilot.dump.dump import Dump

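# Authenticate with user/password rather than the cached access token
args = ChatArguments(
    user="USER",
    password="PASSWORD",
    verbose=VerboseEnum.full,
    scenario=CopilotScenarioEnum.teamshub,
    use_cached_access_token=False,
)
# Output directory produced by a previous whoami run
input_dir = "path to whoami output dir"

dump = Dump(args, input_dir).run()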
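
The files named on this page (tokens.json, the session logs, the copilot_dump_* directory and its reports) hold an access token and extracted tenant data, so they should be readable only by the operator's own account. The following is an added example, not part of powerpwn: it audits a working directory for those artifacts and can tighten their POSIX permissions. It assumes the artifacts are written under the current working directory; the GUID and session id in the demo are constructed.

```python
import fnmatch
import os
import stat
import tempfile

# Names come from this page; that powerpwn writes them under the current
# working directory is an assumption of this example.
DUMP_DIR = "copilot_dump_*"
ARTIFACTS = ("tokens.json", DUMP_DIR, "session_*.log",
             "who_i_am_report.txt", "who_i_am_debug.log")

def is_artifact(name):
    return any(fnmatch.fnmatch(name, pat) for pat in ARTIFACTS)

def audit_artifacts(root, fix=False):
    """List (path, mode) of artifacts that group/others can access.
    With fix=True, restrict each to its owner (0700 dirs, 0600 files)."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        parts = os.path.relpath(dirpath, root).split(os.sep)
        in_dump = any(fnmatch.fnmatch(p, DUMP_DIR) for p in parts)
        for name in dirnames + filenames:
            if not (in_dump or is_artifact(name)):
                continue  # everything inside a dump directory is in scope
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # never chmod through a symlink
            mode = stat.S_IMODE(st.st_mode)
            if mode & (stat.S_IRWXG | stat.S_IRWXO):
                findings.append((path, mode))
                if fix:
                    os.chmod(path, 0o700 if stat.S_ISDIR(st.st_mode) else 0o600)
    return findings

def demo():  # constructed tree; the GUID and session id are made up
    with tempfile.TemporaryDirectory() as root:
        dump = "copilot_dump_00000000-0000-0000-0000-000000000000"
        os.mkdir(os.path.join(root, dump))
        os.chmod(os.path.join(root, dump), 0o755)
        for rel in ("tokens.json", "session_1234.log", "notes.txt",
                    os.path.join(dump, "who_i_am_report.txt")):
            path = os.path.join(root, rel)
            open(path, "w").close()
            os.chmod(path, 0o644)
        fixed = audit_artifacts(root, fix=True)
        return sorted(os.path.relpath(p, root) for p, _ in fixed), audit_artifacts(root)

if __name__ == "__main__":
    print(demo())
```

Run `audit_artifacts(".")` in the engagement working directory to list exposed artifacts, and pass `fix=True` to restrict them to the owner.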