Breaching Azure Intro
Introduction to Azure
Breaching SolarDrops
Breaching Bogus Bank

BA 15 – Azure and Microsoft 365 REST APIs

Azure and Office 365 REST APIs are interfaces that allow developers to interact with Microsoft Azure and Office 365 services programmatically over HTTP. These APIs provide a set of endpoints and methods that enable developers to perform various tasks, such as managing resources, retrieving data, and automating workflows, without needing to use a graphical interface. The purpose of using these APIs is to streamline development processes, integrate Microsoft services with other applications, and automate repetitive tasks, ultimately enhancing productivity and efficiency. Some of the most common APIs include Microsoft Graph, Azure Management API, and Microsoft Graph API.

Microsoft Graph API is a unified endpoint that provides access to data and intelligence across Microsoft 365 services, including Entra ID, Exchange Online, SharePoint, OneDrive, and more. Developers can use Microsoft Graph to perform operations such as reading and writing user data, managing groups and permissions, and accessing insights and intelligence from Microsoft 365 services.

Azure Management API, on the other hand, enables developers to manage Azure resources programmatically. This API allows for tasks such as creating and managing virtual machines, managing storage accounts, configuring networking resources, and monitoring Azure services.

The structure of these APIs typically involves sending HTTP requests to specific endpoints, along with any required parameters or authentication tokens, and receiving JSON-formatted responses containing the requested data or confirmation of the operation. For example, using the Microsoft Graph API, developers can retrieve a user’s profile information by sending a GET request to the /me endpoint, authenticate using OAuth 2.0, and receive a JSON response containing details such as the user’s name, email address, and job title. 

Example of how to retrieve user’s profile information using PowerShell and Microsoft Graph API can be found below:

# Define the endpoint for retrieving user profile information
$endpoint = "https://graph.microsoft.com/v1.0/me"

# Define the authentication token (OAuth 2.0 access token)
$accessToken = "YOUR_ACCESS_TOKEN"

# Define the headers for the HTTP request
$headers = @{
    "Authorization" = "Bearer $accessToken"
    "Content-Type"  = "application/json"
}

# Send a GET request to the endpoint to retrieve the user's profile information
$response = Invoke-RestMethod -Uri $endpoint -Headers $headers -Method Get

# Output the retrieved user profile information
Write-Host "User Profile Information:"
Write-Host "--------------------------"
Write-Host "Display Name: $($response.displayName)"
Write-Host "Email Address: $($response.mail)"
Write-Host "Job Title: $($response.jobTitle)"
Write-Host "User Principal Name: $($response.userPrincipalName)"
Write-Host "--------------------------"

Similarly, with the Azure Management API, developers can create a virtual machine by sending a POST request to the /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines endpoint, providing the necessary parameters such as the VM name, size, and configuration settings. These APIs empower developers to build sophisticated applications and automation solutions that leverage the rich capabilities of Microsoft Azure and Office 365 services. Example of Azure using Powershell and Azure Management API can be found below:

# Define the Azure Management API endpoint for listing virtual machines
$endpoint = "https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines?api-version=2021-04-01"

# Define the Azure AD tenant ID
$tenantId = "YOUR_TENANT_ID"

# Define the client ID (Application ID) of the Azure AD application
$clientID = "YOUR_CLIENT_ID"

# Define the client secret of the Azure AD application
$clientSecret = "YOUR_CLIENT_SECRET"

# Define the Azure AD token endpoint
$tokenEndpoint = "https://login.microsoftonline.com/$tenantId/oauth2/token"

# Define the scope for accessing Azure Management API
$scope = "https://management.azure.com/.default"

# Define the body of the token request
$body = @{
    "client_id"     = $clientID
    "client_secret" = $clientSecret
    "grant_type"    = "client_credentials"
    "scope"         = $scope
}

# Send a POST request to the Azure AD token endpoint to obtain an access token
$tokenResponse = Invoke-RestMethod -Uri $tokenEndpoint -Method Post -Body $body

# Extract the access token from the token response
$accessToken = $tokenResponse.access_token

# Define the headers for the HTTP request
$headers = @{
    "Authorization" = "Bearer $accessToken"
    "Content-Type"  = "application/json"
}

# Send a GET request to the Azure Management API endpoint to retrieve the list of virtual machines
$response = Invoke-RestMethod -Uri $endpoint -Headers $headers -Method Get

# Output the list of virtual machines
Write-Host "List of Virtual Machines:"
Write-Host "--------------------------"
$response.value | ForEach-Object {
    Write-Host "VM Name: $($_.name)"
    Write-Host "Resource Group: $($_.resourceGroup)"
    Write-Host "Location: $($_.location)"
    Write-Host "--------------------------"
}

Additional Reading: