MSOLSpray icon indicating copy to clipboard operation
MSOLSpray copied to clipboard

Published 20 hours ago verified publisher icon MartinIngesen

User-agent not set in headers, logs show python-requests/2.22.0

Open meewash-p opened this issue 3 years ago • 0 comments

Script does not set custom User-agent for the requests. As a result, AAD sign-ins log shows default python-requests user-agent which in case of penetration testing can raise suspicion if decent SIEM rules are in place.

Current code (lines 7-74)

    headers = {

        'Accept': 'application/json',

        'Content-Type': 'application/x-www-form-urlencoded',

    }

Changed User-agent (example):

    headers = {

        'Accept': 'application/json',

        'Content-Type': 'application/x-www-form-urlencoded',

        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36'

    }

meewash-p avatar Apr 18 '21 17:04 meewash-p