From 82859bece11734d0ed878d2e4a8a946c5bd9876b Mon Sep 17 00:00:00 2001 From: mahmoud elfawair <158796278+mahmoudelfawair@users.noreply.github.com> Date: Mon, 6 Apr 2026 16:58:05 +0300 Subject: [PATCH] Enhance client_id extraction with additional regex The office.com method was raising 'An error occured when generating headers' because Microsoft changed their login page structure. The appId is now embedded inside the aadConfig JS object as: appId: '...' instead of the old JSON format \"appId\":\"...\". --- o365enum.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/o365enum.py b/o365enum.py index a5322eb..21b8f1b 100755 --- a/o365enum.py +++ b/o365enum.py @@ -106,7 +106,10 @@ def o365enum_office(usernames): headers=headers ) # we get the application identifier and session identifier - client_id = re.findall(b'"appId":"([^"]*)"', response.content) + client_id = ( + re.findall(b'"appId":"([^"]*)"', response.content) or + re.findall(b"appId:\\s*\\'([^\\']+)\\'", response.content) + ) # then we request the /login page which will redirect us to the authorize # flow response = session.get(