Azure AD Security Defaults/MFA Bypass with Graph API

4 min readAug 24, 2023

If you are an Azure AD free customer you should at least know of the setting called security defaults. Security defaults are for Azure AD Free customers that are not on a P1 or P2 licensing model. If you want to read more about security defaults you can do so at the following link:

Figure 1 — Security Default Settings in Target Tenant

Recently I discovered that enabled users in an Azure tenant with MFA are not protected by security defaults if an attacker has a valid user name/password, and they attack a Microsoft Graph API endpoint.


Scenario 1:

An attacker password sprays a victim tenant with weak passwords and manages to find valid accounts with weak passwords.

The attacker then uses a tool called MFASweep to validate Graph API endpoints are not protected with MFA.

Figure 2 — MFA Sweep Results

MFA Sweep gives full single factor results at the bottom of the report.

Figure 3 — Single Factor Access Results

To provide additional proof I verify the compromised account is indeed running MFA.

Attacker Playbook: Azure AD Exfiltration

Any decent threat actor will start working on data exfiltration with the compromised account. The first step in data exfiltration is to extract the maximum amount of information from Azure AD. To demonstrate simple Azure AD Exfiltration you can use O365recon written by @nyxgeek

Figure 3 — Single Factor Azure AD Exfiltration with MsOnline Module

From here you have tons of data at your disposal. All Azure AD users, Directory Role Administrators, Full Application lists, and tons more!

Attacker Playbook: Replaying Tokens

Now that I’ve demonstrated simple Azure AD exfiltration methods, the next step is to start acquiring tokens and replaying them in different areas of Azure. Keep in mind all this is done with security defaults on and the account I am targeting is running MFA. Because these endpoints below are using graph api. All tokens have been acquired using single factor authentication.

Figure 4 — Aquiring MS Graph token with Single Factor Auth
Figure 5 — Aquiring AAD Graph token Using Single Factor Aut

Connecting to Azure AD with MS Graph Access Token

To connect directly into Azure AD with the context of your user with single factor auth you can easily do so doing the following:

Pull AAD Graph token using AAD Internals with the following command:

Import-Module AADInternals

Now replay the token to connect to Azure Active Directory:

Connect-AzureAD -AadAccessToken
Figure 6 — Connecting into Azure AD with Single Factor Auth

Since we now have full user context control and have logged into Azure AD PowerShell, we have further methods are our disposal such as adding unauthorized Azure AD Guests into the environment for additional ongoing persistence.

MSRC Contact and Response

MSRC was contacted and I provided simple bypass techniques on discovery and Azure AD exfiltration methods as shown in this blog. MSRC responded below and stated this does not meet Microsoft’s requirement as a security vulnerability for servicing.

Figure 7 — MSRC Response

“Unless our documentation explicitly call out multiple MFA needed through the process, this wouldn’t be consider a valid scenario since it requires a already compromised account.”

Azure PowerShell is a protected privilege activity according to Microsoft’s documentation but as I’ve shown in this post I demonstrated how to connect into Azure AD Powershell using single factor authentication with AADInternals.

Figure 8 — Security defaults documentation

Updated Remediation (8/23/23)

Customers that are on the Azure AD Free tier with security defaults on and have end users enrolled into MFA do not have their Graph API endpoints protected unless you enable the account with per user MFA. The process is outlined below: