Add secrets to app
Last updated
Last updated
If you have a access_token that is able to Get-AzADApplication
:
It is possible to check if that access_token can set a secret on that app using a script: https://github.com/lutzenfried/OffensiveCloud/blob/main/Azure/Tools/Add-AzADAppSecret.ps1.
Now, using these secret we can impersonate that application: