CVE-2023-23397

cfr microsoft note : CVE-2023-23397 script - Microsoft - CSS-Exchange

powershell in admin mode

Connect-MSOLService

Install-Module AzureAD

import-Module ExchangeOnlineManagement
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.1.0

Connect-ExchangeOnline -UserPrincipalName user@domein.be

  • .\CVE-2023-23397.ps1 -CreateAzureApplication
  • download : https://api.nuget.org/v3-flatcontainer/microsoft.exchange.webservices/2.2.0/microsoft.exchange.webservices.2.2.0.nupkg
  • unzip
  • download script : https://github.com/microsoft/CSS-Exchange/releases/latest/download/CVE-2023-23397.ps1
  • run in elevated powershell : Get-Mailbox | .\CVE-2023-23397.ps1 -Environment "Online"
  • .\CVE-2023-23397.ps1 -DeleteAzureApplication

Office 2013 -> modern authentication aanzetten

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Exchange]
“AlwaysUseMSOAuthForAutoDiscover”=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common]

[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity]
“EnableADAL”=dword:00000001
“Version”=dword:00000001

–> bovenstaande in een .reg bestand opslaan, rechterklik en kiezen voor samenvoegen

mailbox size vergroten naar 100Gb

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName user@domein.be
Set-Mailbox -ProhibitSendQuota 99 -ProhibitSendReceiveQuota 100 -IssueWarningQuota 98
—-
Outlook 2016 / Outlook 2019 / Microsoft 365
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\PST
The following 2 new DWORD values must be created or set;

WarnLargeFileSize
Don’t set this higher than 4090445042 (decimal) or f3cf3cf2 (hexadecimal)
MaxLargeFileSize
Don’t set this higher than 4294967295 (decimal) or ffffffff (hexadecimal)

onedrive groottes in Office365 bepalen

Param(
[Parameter(Position=0, Mandatory=$true, ValueFromPipeline=$true)]
[string] $Tenantname,
[Parameter(Position=0, Mandatory=$true, ValueFromPipeline=$true)]
[string] $Username,
[Parameter(Position=1, Mandatory=$true, ValueFromPipeline=$true)]
[string] $Password,
[Parameter(Position=2, Mandatory=$false, ValueFromPipeline=$true)]
[string] $OutputFile
)
if ($OutputFile -eq "")
{
$OutputFile="C:\OneDrive_groottes.csv"
}
$Result=@()
$loadInfo1 = [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client")
$loadInfo2 = [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.Runtime")
$loadInfo3 = [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.UserProfiles")
$AdminURI = "https://" + $Tenantname +"-admin.sharepoint.com"
$OneDrivePrefixUrl="https://" + $Tenantname +"-my.sharepoint.com"
$SecPwd = $Password | ConvertTo-SecureString -AsPlainText -Force
$creds = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Username, $SecPwd)
$UserCredential = New-Object System.Management.Automation.PSCredential -argumentlist $Username, $SecPwd
$proxyaddr = "$AdminURI/_vti_bin/UserProfileService.asmx?wsdl"
$UserProfileService= New-WebServiceProxy -Uri $proxyaddr -UseDefaultCredential False
$UserProfileService.Credentials = $creds
Write-Progress -activity "Fetching User Profiles" -status "..........."
$strAuthCookie = $creds.GetAuthenticationCookie($AdminURI)
$uri = New-Object System.Uri($AdminURI)
$container = New-Object System.Net.CookieContainer
$container.SetCookies($uri, $strAuthCookie)
$UserProfileService.CookieContainer = $container
$UserProfileResult = $UserProfileService.GetUserProfileByIndex(-1)
Write-Host "Starting- This could take a while."
$NumProfiles = $UserProfileService.GetUserProfileCount()
$i = 1
Connect-SPOService -Url $AdminURI -Credential $UserCredential
While ($UserProfileResult.NextValue -ne -1)
{
Write-Progress -activity "Processing User Profiles" -status "$i out of $NumProfiles completed"
$Prop = $UserProfileResult.UserProfile | Where-Object { $_.Name -eq "PersonalSpace" }
$Url= $Prop.Values[0].Value
if ($Url) {
$siteurl = $OneDrivePrefixUrl + $Url.Substring(0,$Url.Length-1)
$temp = Get-SPOSite $siteurl -Detailed
if($temp)
{
$Result += New-Object PSObject -property @{
UserName = $temp.Title
UserPrincipalName = $temp.Owner
TotalSize_MB = $temp.StorageUsageCurrent
TotalSize_GB = $temp.StorageUsageCurrent/1024
StorageQuota_GB = $temp.StorageQuota/1024
WarningSize_GB =  $temp.StorageQuotaWarningLevel/1024
}
}
}
$UserProfileResult = $UserProfileService.GetUserProfileByIndex($UserProfileResult.NextValue)
$i++
}
$Result | Select-object -property UserName,UserPrincipalName,TotalSize_MB,TotalSize_GB,StorageQuota_GB,WarningSize_GB |Export-CSV $OutputFile -NoTypeInformation -Encoding UTF8
Write-Host "OneDrive for Business Storage Report successfully exported to "$OutputFile -foregroundcolor Green

Sharepoint groottes in Office 365

Install-Module -Name Microsoft.Online.SharePoint.PowerShell
Update-Module -Name Microsoft.Online.SharePoint.PowerShell
connect-sposervice -url https://xxxxxx-admin.sharepoint.com - credential admin@xxxxxx.onmicrosoft.com
Get-SPOSite -IncludePersonalSite $true | select Url, StorageUsageCurrent

Mailboxgrootte’s in Office 365

Install-Module PowershellGet -Force
Update-Module PowershellGet
Set-ExecutionPolicy RemoteSigned
Install-Module -Name ExchangeOnlineManagement
Import-Module ExchangeOnlineManagement; Get-Module ExchangeOnlineManagement
Connect-ExchangeOnline
Get-Mailbox -ResultSize Unlimited | Select -Expand userprincipalname | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | Select-Object DisplayName,TotalItemSize