silverhack
diff --git a/‎.gitignore‎
Lines changed: 0 additions & 6 deletions b/‎.gitignore‎
Lines changed: 0 additions & 6 deletions
diff --git a/‎core/api/m365/sharepointonline/csom/helpers/site/Get-MonkeyCSOMSite.ps1‎
Lines changed: 116 additions & 0 deletions b/‎core/api/m365/sharepointonline/csom/helpers/site/Get-MonkeyCSOMSite.ps1‎
Lines changed: 116 additions & 0 deletions
diff --git a/‎core/api/m365/sharepointonline/csom/helpers/site/Get-MonkeyCSOMSiteAccessRequest.ps1‎
Lines changed: 105 additions & 0 deletions b/‎core/api/m365/sharepointonline/csom/helpers/site/Get-MonkeyCSOMSiteAccessRequest.ps1‎
Lines changed: 105 additions & 0 deletions
diff --git a/‎core/api/m365/sharepointonline/csom/helpers/site/Get-MonkeyCSOMSiteCollectionAdministrator.ps1‎
Lines changed: 104 additions & 0 deletions b/‎core/api/m365/sharepointonline/csom/helpers/site/Get-MonkeyCSOMSiteCollectionAdministrator.ps1‎
Lines changed: 104 additions & 0 deletions
@@ -1,15 +1,9 @@
 # logs
-azurereview.log
 /log/*.log
 
 # Data folder
 monkey-reports*
 
-# Azurite
-__azurite_db_queue__.json
-__azurite_db_queue_extent__.json
-
-site/
 *.csv
 *bak
 *.ps1.bak
 
@@ -0,0 +1,116 @@
+# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+Function Get-MonkeyCSOMSite{
+    <#
+        .SYNOPSIS
+        Get site from SharePoint Online
+
+        .DESCRIPTION
+        Get site from SharePoint Online
+
+        .INPUTS
+
+        .OUTPUTS
+
+        .EXAMPLE
+
+        .NOTES
+	        Author		: Juan Garrido
+            Twitter		: @tr1ana
+            File Name	: Get-MonkeyCSOMSite
+            Version     : 1.0
+
+        .LINK
+            https://github.com/silverhack/monkey365
+    #>
+    [cmdletbinding()]
+    Param (
+        [parameter(Mandatory=$False, HelpMessage="Authentication object")]
+        [Object]$Authentication,
+
+        [parameter(Mandatory=$False, HelpMessage="Endpoint")]
+        [String]$Endpoint,
+
+        [parameter(Mandatory=$false, HelpMessage="All SharePoint web objects")]
+        [Switch]$All,
+
+        [Parameter(Mandatory= $false, ParameterSetName = 'Includes', HelpMessage="Includes")]
+        [string[]]$Includes
+    )
+    Begin{
+        $select_all_properties = @(
+            'Folder','Lists',
+            'RoleDefinitionBindings',
+            'Member','ParentList',
+            'RoleAssignments','File',
+            'RootFolder','Webs',
+            'CustomScriptSafeDomains'
+        )
+        #Get Site
+        [xml]$body_data = '<Request AddExpandoFieldTypeSuffix="true" SchemaVersion="15.0.0.0" LibraryVersion="16.0.0.0" ApplicationName="Monkey 365" xmlns="http://schemas.microsoft.com/sharepoint/clientquery/2009"><Actions><ObjectPath Id="2" ObjectPathId="1"/><ObjectPath Id="4" ObjectPathId="3"/><Query Id="5" ObjectPathId="3"><Query SelectAllProperties="true"></Query></Query></Actions><ObjectPaths><StaticProperty Id="1" TypeId="{3747adcd-a3c3-41b9-bfab-4a64dd2f1e0a}" Name="Current"/><Property Id="3" ParentId="1" Name="Site"/></ObjectPaths></Request>'
+        #Set properties
+        $properties = $body_data.CreateElement("Properties", $body_data.NamespaceURI)
+        #Check if includes
+        if($PSCmdlet.ParameterSetName -eq 'Includes'){
+            foreach($include in $Includes){
+                $prop = $body_data.CreateNode([System.Xml.XmlNodeType]::Element, $body_data.Prefix, 'Property', $body_data.NamespaceURI);
+                #Set attributes
+                [void]$prop.SetAttribute('Name',$include)
+                if($include -in $select_all_properties){
+                    [void]$prop.SetAttribute('SelectAll','true')
+                }
+                else{
+                    [void]$prop.SetAttribute('ScalarProperty','true')
+                }
+                [void]$properties.AppendChild($prop)
+            }
+        }
+        [void]$body_data.Request.Actions.Query.Query.AppendChild($properties)
+        [xml]$body_data = $body_data.OuterXml.Replace(" xmlns=`"`"", "")
+    }
+    Process{
+        if($PSBoundParameters.ContainsKey('All') -and $PSBoundParameters['All'].IsPresent){
+            $p = Set-CommandParameter -Command "Get-MonkeyCSOMSiteProperty" -Params $PSBoundParameters
+            $Urls = @(Get-MonkeyCSOMSiteProperty @p).Where({$_.Template -notlike "SRCHCEN#0" -and $_.Template -notlike "SPSMSITEHOST*" -and $_.Template -notlike "RedirectSite#0"}) | Select-Object -ExpandProperty Url -ErrorAction Ignore
+            #$Urls = Get-MonkeyCSOMSiteProperty @p | Select-Object -ExpandProperty Url -ErrorAction Ignore
+            if($null -ne $Urls){
+                #Remove All param
+                [void]$PSBoundParameters.Remove('All');
+                @($Urls).ForEach({Get-MonkeyCSOMSite -Endpoint $_ @PSBoundParameters}).Where({$null -ne $_})
+            }
+        }
+        Else{
+            $p = Set-CommandParameter -Command "Invoke-MonkeyCSOMRequest" -Params $PSBoundParameters
+            #Add authentication header if missing
+            if(!$p.ContainsKey('Authentication')){
+                if($null -ne $O365Object.auth_tokens.SharePointOnline){
+                    [void]$p.Add('Authentication',$O365Object.auth_tokens.SharePointOnline);
+                }
+                Else{
+                    Write-Warning -Message ($message.NullAuthenticationDetected -f "SharePoint Online")
+                    break
+                }
+            }
+            #Add post Data
+            [void]$p.Add('Data',$body_data);
+            #Execute query
+            Invoke-MonkeyCSOMRequest @p
+        }
+    }
+    End{
+        #Nothing to do here
+    }
+}
+
@@ -0,0 +1,105 @@
+# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+Function Get-MonkeyCSOMSiteAccessRequest{
+    <#
+        .SYNOPSIS
+		Get Sharepoint Online site access request
+
+        .DESCRIPTION
+		Get Sharepoint Online site access request
+
+        .INPUTS
+
+        .OUTPUTS
+
+        .EXAMPLE
+
+        .NOTES
+	        Author		: Juan Garrido
+            Twitter		: @tr1ana
+            File Name	: Get-MonkeyCSOMSiteAccessRequest
+            Version     : 1.0
+
+        .LINK
+            https://github.com/silverhack/monkey365
+    #>
+
+    [CmdletBinding(DefaultParameterSetName = 'Current')]
+    Param (
+        [parameter(Mandatory=$true, ParameterSetName = 'Web', ValueFromPipeline = $true, HelpMessage="Web Object")]
+        [Object]$Web,
+
+        [Parameter(Mandatory= $false, HelpMessage="Authentication Object")]
+        [Object]$Authentication,
+
+        [parameter(Mandatory=$true, ParameterSetName = 'Endpoint', HelpMessage="SharePoint Url")]
+        [Object]$Endpoint
+    )
+    Process{
+        try{
+            If($PSCmdlet.ParameterSetName -eq "Current" -or $PSCmdlet.ParameterSetName -eq "Endpoint"){
+                $p = Set-CommandParameter -Command "Get-MonkeyCSOMWeb" -Params $PSBoundParameters
+                $_Web = Get-MonkeyCSOMWeb @p
+                if($_Web){
+                    #Remove Endpoint if exists
+                    [void]$PSBoundParameters.Remove('Endpoint');
+                    $_Web | Get-MonkeyCSOMSiteAccessRequest @PSBoundParameters
+                    return
+                }
+            }
+            foreach($_Web in @($Web)){
+                #Check for objectType
+                $objectType = $_Web | Select-Object -ExpandProperty _ObjectType_ -ErrorAction Ignore
+                if ($null -ne $objectType -and $objectType -eq 'SP.Web'){
+                    If(($_Web | Test-HasUniqueRoleAssignment)){
+                        #Set command parameters
+                        $p = Set-CommandParameter -Command "Get-MonkeyCSOMList" -Params $PSBoundParameters
+                        #Add Filter
+                        [void]$p.Add('Filter','Access Requests');
+                        #Add Web
+                        $p.Item('Web') = $_Web
+                        #Execute query
+                        $arList = Get-MonkeyCSOMList @p
+                        if($null -ne $arList){
+                            #Set command parameters
+                            $p = Set-CommandParameter -Command "Get-MonkeyCSOMListItem" -Params $PSBoundParameters
+                            #Add List
+                            $p.Item('List') = $arList;
+                            $access_requests = Get-MonkeyCSOMListItem @p
+                            if($null -ne $access_requests){
+                                $access_requests | New-MonkeyCSOMSiteAccesRequestObject
+                            }
+                        }
+                    }
+                }
+                Else{
+                    $msg = @{
+                        MessageData = ($message.SPOInvalidWebObjectMessage);
+                        callStack = (Get-PSCallStack | Select-Object -First 1);
+                        logLevel = 'Warning';
+                        InformationAction = $O365Object.InformationAction;
+                        Tags = @('MonkeyCSOMInvalidWebObject');
+                    }
+                    Write-Warning @msg
+                }
+            }
+        }
+        Catch{
+            Write-Error $_
+        }
+    }
+}
+
@@ -0,0 +1,104 @@
+# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+Function Get-MonkeyCSOMSiteCollectionAdministrator{
+    <#
+        .SYNOPSIS
+        Get site collection administrators from SharePoint Online
+
+        .DESCRIPTION
+        Get site collection administrators from SharePoint Online
+
+        .INPUTS
+
+        .OUTPUTS
+
+        .EXAMPLE
+
+        .NOTES
+	        Author		: Juan Garrido
+            Twitter		: @tr1ana
+            File Name	: Get-MonkeyCSOMSiteCollectionAdministrator
+            Version     : 1.0
+
+        .LINK
+            https://github.com/silverhack/monkey365
+    #>
+    [CmdletBinding(DefaultParameterSetName = 'Current')]
+    #[OutputType([System.Collections.Generic.List[System.Management.Automation.PSObject]])]
+    Param (
+        [parameter(Mandatory=$false, HelpMessage="Authentication Object")]
+        [Object]$Authentication,
+
+        [parameter(Mandatory=$false, ParameterSetName = 'Site', ValueFromPipeline = $true, HelpMessage="Web Object")]
+        [Object]$Site,
+
+        [parameter(Mandatory=$false, ParameterSetName = 'Endpoint', HelpMessage="SharePoint Url")]
+        [Object]$Endpoint
+    )
+    Begin{
+        #Get Site
+        [xml]$body_data = '<Request AddExpandoFieldTypeSuffix="true" SchemaVersion="15.0.0.0" LibraryVersion="16.0.0.0" ApplicationName="Monkey 365" xmlns="http://schemas.microsoft.com/sharepoint/clientquery/2009"><Actions><ObjectPath Id="6" ObjectPathId="5" /><Query Id="7" ObjectPathId="5"><Query SelectAllProperties="false"><Properties /></Query><ChildItemQuery SelectAllProperties="false"><Properties><Property Name="Id" ScalarProperty="true" /><Property Name="Title" ScalarProperty="true" /><Property Name="LoginName" ScalarProperty="true" /><Property Name="Email" ScalarProperty="true" /><Property Name="IsShareByEmailGuestUser" ScalarProperty="true" /><Property Name="IsSiteAdmin" ScalarProperty="true" /><Property Name="UserId" ScalarProperty="true" /><Property Name="IsHiddenInUI" ScalarProperty="true" /><Property Name="PrincipalType" ScalarProperty="true" /><Property Name="Alerts"><Query SelectAllProperties="false"><Properties /></Query><ChildItemQuery SelectAllProperties="false"><Properties><Property Name="Title" ScalarProperty="true" /><Property Name="Status" ScalarProperty="true" /></Properties></ChildItemQuery></Property><Property Name="Groups"><Query SelectAllProperties="false"><Properties /></Query><ChildItemQuery SelectAllProperties="false"><Properties><Property Name="Id" ScalarProperty="true" /><Property Name="Title" ScalarProperty="true" /><Property Name="LoginName" ScalarProperty="true" /></Properties></ChildItemQuery></Property></Properties><QueryableExpression><Where><Test><Parameters><Parameter Name="u" /></Parameters><Body><ExpressionProperty Name="IsSiteAdmin"><ExpressionParameter Name="u" /></ExpressionProperty></Body></Test><Object><QueryableObject /></Object></Where></QueryableExpression></ChildItemQuery></Query></Actions><ObjectPaths><Property Id="5" ParentId="3" Name="SiteUsers" /><Property Id="3" ParentId="1" Name="Web" /><StaticProperty Id="1" TypeId="{3747adcd-a3c3-41b9-bfab-4a64dd2f1e0a}" Name="Current" /></ObjectPaths></Request>'
+    }
+    Process{
+        If($PSCmdlet.ParameterSetName -eq "Endpoint" -or $PSCmdlet.ParameterSetName -eq "Current"){
+            $p = Set-CommandParameter -Command "Get-MonkeyCSOMSite" -Params $PSBoundParameters
+            $_Site = Get-MonkeyCSOMSite @p
+            if($_Site){
+                $_Site | Get-MonkeyCSOMSiteCollectionAdministrator @PSBoundParameters
+            }
+        }
+    }
+    End{
+        foreach($_Site in @($PSBoundParameters['Site']).Where({$null -ne $_})){
+            $objectType = $_Site | Select-Object -ExpandProperty _ObjectType_ -ErrorAction Ignore
+            if ($null -ne $objectType -and $objectType -eq 'SP.Site'){
+                #Set command parameters
+                $p = Set-CommandParameter -Command "Invoke-MonkeyCSOMRequest" -Params $PSBoundParameters
+                #Add authentication header if missing
+                if(!$p.ContainsKey('Authentication')){
+                    if($null -ne $O365Object.auth_tokens.SharePointOnline){
+                        [void]$p.Add('Authentication',$O365Object.auth_tokens.SharePointOnline);
+                    }
+                    Else{
+                        Write-Warning -Message ($message.NullAuthenticationDetected -f "SharePoint Online")
+                        break
+                    }
+                }
+                #Update EndPoint
+                $p.Item('Endpoint') = $_Site.Url;
+                #Add Data
+                [void]$p.Add('Data',$body_data);
+                #Execute query
+                $members = Invoke-MonkeyCSOMRequest @p
+                $objectType = $members | Select-Object -ExpandProperty _ObjectType_ -ErrorAction Ignore
+                if ($null -ne $objectType -and $objectType -eq 'SP.UserCollection'){
+                    $p = Set-CommandParameter -Command "Resolve-MonkeyCSOMIdentity" -Params $PSBoundParameters
+                    $members._Child_Items_ | Resolve-MonkeyCSOMIdentity @p
+                }
+            }
+            Else{
+                $msg = @{
+                    MessageData = ($message.SPOInvalidSiteObjectMessage);
+                    callStack = (Get-PSCallStack | Select-Object -First 1);
+                    logLevel = 'Warning';
+                    InformationAction = $O365Object.InformationAction;
+                    Tags = @('MonkeyCSOMInvalidSiteObject');
+                }
+                Write-Warning @msg
+            }
+        }
+    }
+}
+