Attacking MS Exchange Web Interfaces

Haythem Elmir

Exchange is basically a mail server that supports a bunch of Microsoft protocols. It’s usually located on subdomains named autodiscover, mx, owa or mail, and it can also be detected by existing  /owa/,  /ews/,  /ecp//oab//autodiscover/,  /Microsoft-Server-ActiveSync//rpc/, /powershell/  endpoints on the web server.

The knowledge about how to attack Exchange is crucial for every penetration testing team. If you found yourself choosing between a non-used website on a shared hosting and a MS Exchange, only the latter could guide you inside.

In this article, I’ll cover all the available techniques for attacking MS Exchange web interfaces and introduce a new technique and a new tool to connect to MS Exchange from the Internet and extract arbitrary Active Directory records, which are also known as LDAP records.

Source :

Laisser un commentaire

Next Post

l’usine Mont Blanc est victime d’une cyberattaque

La cyberattaque dont a été victime l’entreprise Mont Blanc de Chef-du-Pont a été détectée au début du mois d’août 2020. L’usine Mont Blanc de Chef-du-Pont, commune déléguée de Sainte-Mère-Eglise, tournait au ralenti depuis plusieurs jours. Le mardi 4 août, l’entreprise, qui appartient au Groupe MOM (Materne et Mont Blanc) depuis 2006, […]