Newer
Older
DirtyScripts / graph-explorer-sites-list-compare.php
root on 29 Jun 2020 1 KB JSON AJAX PoC added
#!/usr/bin/php
<?php
error_reporting(0);

/***
 * Small script to create graph from multiple users JSON's taken from MS Graph Explorer
 * (Search for a SharePoint site by keyword) keyword = %00
 ***/

$folder = "/mnt/hgfs/PentestOS/pentests/2020/Devon/MS_Graph/";

$mainArray = array();

$rootDir = getDirContents($folder, '/\.json$/');
foreach($rootDir as $h => $i){ // remove begining of vdb path (keeps clean)
    $rootDir[$h] = str_replace("sites_null_", "", str_replace(".json", "", str_replace($folder, "", $i)));
    //echo "Reading: ".$rootDir[$h]."\n";

    $jsonFile = file_get_contents($i);
	$jsonContents = json_decode($jsonFile, true);

	foreach($jsonContents as $j){
		foreach($j as $k){
			//echo "	".$k['name']." -> ".$k['webUrl']."\n";
			$shortname[$k['name']] = $k['webUrl'];
			$rarw[$k['name']][] = $rootDir[$h];
		}
		//print_r($j);
	}
}
echo "Files: ".sizeof($rootDir)."\n";

foreach($shortname as $short => $long){
	$lenToShow = 120;
	if(strlen($long)<$lenToShow)
		$long = str_pad($long, $lenToShow, "-");
	echo substr($long, 0, $lenToShow)." ->	";
	
	//print_r($rarw[$short]);
	foreach($rarw[$short] as $shortname => $username){
		echo $username."	";

	}
	echo "\n";
}







function getDirContents($dir, $filter = '', &$results = array()) {
    $files = scandir($dir);

    foreach($files as $key => $value){
        $path = realpath($dir.DIRECTORY_SEPARATOR.$value); 

        if(!is_dir($path)) {
            if(empty($filter) || preg_match($filter, $path)) $results[] = $path;
        } elseif($value != "." && $value != "..") {
            getDirContents($path, $filter, $results);
        }
    }

    return $results;
} 

?>