Closed aconite33 closed 1 year ago
Correct username and password results in a error code of:
HTTP 400: Got an error we haven't seen yet: {'error': 'interaction_required', 'error_description': 'AADSTS530031: Access policy does not allow token issuance.\r\nTrace ID: 408deb1e-a8e4-43c0-996b-18811b6cea01\r\nCorrelation ID: 4a3249c3-e753-4e0a-8c4c-19dc6cb75764\r\nTimestamp: 2022-12-05 16:23:50Z', 'error_codes': [530031], 'timestamp': '2022-12-05 16:23:50Z', 'trace_id': '408deb1e-a8e4-43c0-996b-18811b6cea01', 'correlation_id': '4a3249c3-e753-4e0a-8c4c-19dc6cb75764', 'error_uri': 'https://login.microsoft.com/error?code=530031', 'suberror': 'message_only'}
Probably need to add this as an 'user is correct and password is correct' to continue to the authentication bypasses.
Fixed in https://github.com/blacklanternsecurity/TREVORspray/commit/70aca7b768937fd450b99ce753a9cad276b65551
Correct username and password results in a error code of:
Probably need to add this as an 'user is correct and password is correct' to continue to the authentication bypasses.