From da9f1d9d89a248232040dabe94f2139d4bd4d053 Mon Sep 17 00:00:00 2001
From: root <root@kali>
Date: Thu, 26 Jun 2025 08:35:43 -0400
Subject: [PATCH] URL-encoded email address in guest invite to allow #
 character and bypass PrincipalName membership rules

---
 GraphRunner.ps1 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/GraphRunner.ps1 b/GraphRunner.ps1
index a894c2a..8e45c42 100644
--- a/GraphRunner.ps1
+++ b/GraphRunner.ps1
@@ -4806,7 +4806,7 @@ function Invoke-InviteGuest{
 
     # Construct the JSON payload
     $invitationData = @{
-        invitedUserEmailAddress = $EmailAddress
+        invitedUserEmailAddress = [System.Web.HttpUtility]::UrlEncode($EmailAddress)
         invitedUserDisplayname = $Displayname
         inviteRedirectUrl = $RedirectUrl
         sendInvitationMessage = [System.Convert]::ToBoolean($SendInvitationMessage)
@@ -7722,4 +7722,4 @@ Get-UserObjectID`t`t-`t Retrieves an object ID for a user
     Write-Host -ForegroundColor green ("=" * 80)
     Write-Host -ForegroundColor green '[*] For help with individual modules run Get-Help <module name> -detailed'
     Write-Host -ForegroundColor green '[*] Example: Get-Help Invoke-InjectOAuthApp -detailed'
-}
\ No newline at end of file
+}