monkey365 icon indicating copy to clipboard operation
monkey365 copied to clipboard
verified publisher icon silverhack

[Bug]: Errors Running SharePoint and OneDrive Scans in Monkey365

Open sompoccoe opened this issue 1 year ago • 3 comments

Hi, Thank you for your support. Please see the following bug discription, using your bug issue format.

What happened:

I encountered errors when running the scan for SharePoint and OneDrive using the "Microsoft365" option in Monkey365. I followed the example commands from the documentation, but they resulted in errors. (I've attached a screenshot of the command and errors.)

How to reproduce it:

Run the scan commands for SharePoint and OneDrive as shown in the Monkey365 examples. Observe the errors that occur.

Expected behavior:

To successfully scan and generate reports for SharePoint and OneDrive as can be seen in your example. The example from your website: https://silverhack.github.io/monkey365/ image

Screenshots or Logs:

Attached is the screenshot of the command and the errors.

image

From where I ran it Monkey365:

Resource: Workstation OS: Windows 11 Pro PowerShell Version: image

Monkey365 Version: Monkey365 v0.92-alpha Others: N/A

Additional context:

I have assigned all the permissions mentioned on the Permissions page in the documentation to the user running the scan. Just in case I also followed the recommendations in the https://silverhack.github.io/monkey365/authentication/limitations/#sharepoint-online-in-powershell-core.

sompoccoe avatar Sep 30 '24 15:09 sompoccoe

Hi @sompoccoe thank you for the report. Could you please add the Verbose, Debug and informationaction to see debug errors? It seems that Monkey365 is unable to find the SharePoint URL but without more info (verbose and debug options) is hard to see what the error is.

Thanks

silverhack avatar Sep 30 '24 16:09 silverhack

Hi @silverhack, I fixed the bug locally by editing the URL on those three functions: Get-OneDriveUrl, Get-SharepointUrl, and Get-SharepointAdminUrl to contain my hardcoded OneDrive and SharePoint URLs.

It seems like the SharePoint and OneDrive URLs are not always the same as the endpoint URL[0], for my Azure environment it was a bit different (the “-admin.sharepoint.com” stayed the same)

https://github.com/silverhack/monkey365/blob/b3f43c4a2d014fcc3aae0a4103c8f2610fbb4980/core/modules/monkeycloudutils/public/Get-SharepointAdminUrl.ps1 image

sompoccoe avatar Oct 01 '24 15:10 sompoccoe

Hi @sompoccoe thanks for confirming!

So it seems that monkey365 is unable to get information from Microsoft Graph regarding available domains for SharePoint.

As a workaround, you can include the -ScanSites param

Invoke-Monkey365 -Instance Microsoft365 -Analysis SharePointOnline `
                 -ScanSites https://**yourdomain**.sharepoint.com `
                 -DeviceCode -Verbose -Debug `
                 -InformationAction Continue -Compress

Additionaly, and due that your main OS is Windows and PowerShell core, you can also force monkey365 to load MSAL libraries for Windows desktop and omit the DeviceCode, as shown below:

Invoke-Monkey365 -Instance Microsoft365 -Analysis SharePointOnline `
                 -ScanSites https://**yourdomain**.sharepoint.com `
                 -Verbose -Debug `
                 -InformationAction Continue -Compress -ForceMSALDesktop

That flag is not documented yet, I'll add this to my TODO list and will try to better document the tool.

Thanks,

silverhack avatar Oct 03 '24 15:10 silverhack