Msmailprobe is widely known that OWA (Outlook Web app) is vulnerable to time-based user enumeration attacks. This tool leverages all known, and even some lesser-known services exposed by default Exchange installations to enumerate users. It also targets Office 365 for error-based user enumeration.
If you want to download and compile the simple, non-dependant code, you must first install GoLang! I will let the incredible documentation, and other online resources help you with this task.
https://golang.org/doc/install
You may also download the compiled release here.
List examples of commands for this applications, but simply running the binary with the examples
command:
./msmailprobe examples
You can also get more specific help by running the binary with the arguments you are interested in:
./msmailprobe identify
./msmailprobe userenum
./msmailprobe userenum –onprem
./msmailprobe userenum –o365
Usage
Flag to use:
-t to specify target host
Example:
./msmailprobe identify -t mail.target.com
Userenum (o365) Command
Flags to use:
-E for email list OR -e for single email address
-o [optional]to specify an out file for valid emails identified
–threads [optional] for setting amount of requests to be made concurrently
Examples:
./msmailprobe userenum –o365 -E emailList.txt -o validemails.txt –threads 25
./msmailprobe userenum –o365 -e admin@target.com
Userenum (onprem) Command
Flags to use:
-t to specify target host
-U for user list OR -u for single username
-o [optional]to specify an out file for valid users identified
–threads [optional] for setting amount of requests to be made concurrently
Examples:
./msmailprobe userenum –onprem -t mail.target.com -U userList.txt -o validusers.txt –threads 25
./msmailprobe userenum –onprem -t mail.target.com -u admin
Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…
Docker is one of the most widely used containerization platforms. But there may come a…
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…