HackTricks CloudAz - Intune
Reading time: 2 minutes
tip
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Basic Information
Microsoft Intune is designed to streamline the process of app and device management. Its capabilities extend across a diverse range of devices, encompassing mobile devices, desktop computers, and virtual endpoints. The core functionality of Intune revolves around managing user access and simplifying the administration of applications and devices within an organization's network.
Cloud -> On-Prem
A user with Global Administrator or Intune Administrator role can execute PowerShell scripts on any enrolled Windows device.
The script runs with privileges of SYSTEM on the device only once if it doesn't change, and from Intune it's not possible to see the output of the script.
Get-AzureADGroup -Filter "DisplayName eq 'Intune Administrators'"
- Login into https://endpoint.microsoft.com/#home or use Pass-The-PRT
- Go to Devices -> All Devices to check devices enrolled to Intune
- Go to Scripts and click on Add for Windows 10.
- Add a Powershell script
- Specify Add all users and Add all devices in the Assignments page.
.png)
The execution of the script can take up to one hour.
References
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.