CredMaster
Launch a password spray / brute force attach via Amazon AWS passthrough proxies, shifting the requesting IP address for every authentication attempt. This dynamically creates FireProx APIs for more evasive password sprays.
The following plugins are currently supported:
— OWA
— EWS
— O365
— O365Enum
— MSOL
— Okta
— FortinetVPN
— HTTPBrute
— ADFS
— AzureSSO
https://github.com/knavesec/CredMaster
#owa #o365 #adfs #password #spraying
Launch a password spray / brute force attach via Amazon AWS passthrough proxies, shifting the requesting IP address for every authentication attempt. This dynamically creates FireProx APIs for more evasive password sprays.
The following plugins are currently supported:
— OWA
— EWS
— O365
— O365Enum
— MSOL
— Okta
— FortinetVPN
— HTTPBrute
— ADFS
— AzureSSO
https://github.com/knavesec/CredMaster
#owa #o365 #adfs #password #spraying
🔥4
😈 OWASSRF — New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations
CrowdStrike recently discovered a new exploit method using CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access.
https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/
#owa #exchange #ssrf #proxynotshell
CrowdStrike recently discovered a new exploit method using CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access.
https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/
#owa #exchange #ssrf #proxynotshell
CrowdStrike.com
OWASSRF: CrowdStrike Identifies New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations
Learn how CrowdStrike recently discovered a new exploit method using CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access.
🔥6
😈 Microsoft Exchange: OWASSRF + TabShell
(CVE-2022-41076)
The TabShell vulnerability its a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF.
For a detailed write see research:
https://blog.viettelcybersecurity.com/tabshell-owassrf/
PoC:
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
#owa #ssrf #tabshell #poc
(CVE-2022-41076)
The TabShell vulnerability its a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF.
For a detailed write see research:
https://blog.viettelcybersecurity.com/tabshell-owassrf/
PoC:
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
#owa #ssrf #tabshell #poc
YouTube
Exchange TabShell RCE PoC (CVE-2022-41076)
Copy paste PoC from VCS blog: https://blog.viettelcybersecurity.com/tabshell-owassrf/
🔥9👍2👎1
Forwarded from Pentest Notes
Подготовил для вас подробное руководство по тестированию на проникновение Outlook Web Access (OWA). 😈
➡️ В статье я разобрал все основные атаки и уязвимости OWA. Собрал и структурировал самое полезное в одном месте.
➡️ Также материал идеально подойдет для тех, кто все еще путает между собой OWA, Outlook и MS Exchange :)
Даже если вы раньше не сталкивались с почтовыми сервисами Microsoft, после прочтения смело можете бежать проверять их на безопасность.🥤
Ссылка на статью
💫 @pentestnotes | #pentest #OWA #Exchange
Даже если вы раньше не сталкивались с почтовыми сервисами Microsoft, после прочтения смело можете бежать проверять их на безопасность.
Ссылка на статью
Please open Telegram to view this post
VIEW IN TELEGRAM
1🔥16❤🔥5👍5❤3😁1