O365 Template
ciberesponce opened this issue · 2 comments
Is this still valid? Got everything done, except having issue with the O365 template/output. If this is still valid, I'll put the head down and "keep trying".
Awesome work--great research and more people need to talk about ADFS, SAML 2.0, misplaced trust, etc..
Keep getting a:
AADSTS90013 error
Note: I dumped the ADFS properly (thanks). Decoded where i needed to, converted to Hex where needed. ADFSpoof with o365 gives me a great output.
It's just using Burp now with the provided output of ADFSpoof which is causing the issue.
Looks like additional request headers are now mandatory with O365. Recommend folks do burp intercept to follow authN flow where it works looking for those additional params on the /login.srf PUT.
@dmb2168 great project, i learned a lot. This took many many more hours to figure out than I'd like to admit, but all-in-all, i'm a better person for it.
Owe you beers.
Hey, I've been getting a similar error "AADSTS50107: The requested federation realm object does not exist." If i compare legit vs forced request, the value of 'wresult' looks quite similar and the issuer is the same URL. Have you seen this error during your debugging/know a resolution?
Also in your flow, did you delete the 'wctx' parameter which is sent after 'wresult' in the POST request?