Skip to content

C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps

License

Notifications You must be signed in to change notification settings

HuskyHacks/SharpTokenFinder

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SharpTokenFinder

A C# implementation of TokenFinder. Enumerates M365 Desktop Office applications for plain text authentication tokens. Parses and prints out any interesting tokens that can be leveraged to compromise the user's M365 identity.

image

Usage

Run this as a reflective assembly or compile and run the executable. Ensure your payload architecture matches the process architecture for the apps that you are trying to mine.

Contributing

I included a set of M365 app processes and interesting token audiences for the checks, but if you have any battle-tested insights about other M365 app processes/token audiences that are exploitable, feel free to open a PR!

More info about this technique

More info about this technique

References

About

C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages