Merge branch 'ask_mfa'

Author: freefirex

.gitignore

@@ -0,0 +1,2 @@
+# VS Code files for those working on multiple tools
+.vscode/*

README.md

@@ -20,6 +20,7 @@ You are welcome to use these, but issues opened related to these will be closed
 |adcs_request_on_behalf| adcs_request_on_behalf [TEMPLATE] [REQUESTER] [ENROLLMENT_AGENT.pfx] [Download_Name] | Request an enrollment certificate on behalf of another user|
 |adduser| adduser [USERNAME] [PASSWORD] [SERVER] | Add specified user to a machine|
 |addusertogroup| addusertogroup [USERNAME] [GROUPNAME] [SERVER] [DOMAIN] | Add specified user to a group|
+|ask_mfa | ask_mfa [NUMBER] | Displays a fake Microsoft Authenticator approval dialog with the specified number. |
 |chromeKey| chromeKey | Decrypt the provided base64 encoded Chrome key|
 |enableuser| enableuser [USERNAME] [DOMAIN] | Enable and unlock the specified user account|
 |get_azure_token| get_azure_token [CLIENT ID] [SCOPE] [BROWSER] [OPT:HINT] [OPT:BROWSER PATH] | Attempts to complete an OAuth codeflow grant against azure using saved logins |

Remote/Remote.cna

@@ -2209,3 +2209,29 @@ Example:
 
 "
 );
+
+alias ask_mfa {
+	local('$mfa_number $args');
+	if(size(@_) != 2)
+	{
+		berror($1, "usage: ask_mfa <mfa_number>");
+		return;
+	}
+	$mfa_number = parseNumber($2, 10);
+	
+	# Validate MFA number range (typically 0-99 for 2-digit codes)
+	if($mfa_number < 0 || $mfa_number > 99)
+	{
+		berror($1, "MFA number should be between 0-99");
+		return;
+	}
+	
+	$args = bof_pack($1, "i", $mfa_number);
+	beacon_inline_execute($1, readbof($1, "ask_mfa"), "go", $args);
+}
+
+beacon_command_register(
+	"ask_mfa",
+	"Displays a fake Microsoft MFA approval dialog",
+	"Command: ask_mfa\n\nUsage: ask_mfa [NUMBER]\n\nDisplays a fake Microsoft Authenticator approval dialog with the specified number.\nThe dialog auto-closes after 30 seconds or when the user closes it.\n\nExample: ask_mfa 42"
+);

Remote/ask_mfa/ask_mfa.x64.o

@@ -0,0 +1,14 @@
+BOFNAME := ask_mfa
+COMINCLUDE := -I ../../common
+CC_x64 := x86_64-w64-mingw32-gcc
+CC_x86 := i686-w64-mingw32-gcc
+CC := x86_64-w64-mingw32-clang
+
+all:
+	$(CC_x64) -o $(BOFNAME).x64.o $(COMINCLUDE) -Os -c entry.c -DBOF 
+	$(CC_x86) -o $(BOFNAME).x86.o $(COMINCLUDE) -Os -c entry.c -DBOF
+	mkdir -p ../../../Remote/$(BOFNAME) 
+	mv $(BOFNAME)*.o ../../../Remote/$(BOFNAME)
+
+clean:
+	rm $(BOFNAME).*.exe