id: azure-domain-tenant info: name: Microsoft Azure - Domain Tenant ID - Detect author: V0idC0de severity: info description: Microsoft Azure Domain Tenant ID was detected. Checks if the domain is part of an Azure tenant and finds the ID using Azure's OpenID discovery page. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 reference: https://azure.microsoft.com tags: azure,microsoft,cloud requests: - raw: - | @Host: https://login.microsoftonline.com:443 GET /{{Host}}/v2.0/.well-known/openid-configuration HTTP/1.1 Host: login.microsoftonline.com matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "token_endpoint" extractors: - type: regex part: body group: 1 regex: - "\"https:\\/\\/login\\.microsoftonline\\.com\\/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})" # Enhanced by mp on 2023/02/05