OWA Exchange Web Services (EWS) Login Scanner
This module attempts to log in to the Exchange Web Services, often exposed at https://example.com/ews/, using NTLM authentication. This method is faster and simpler than traditional form-based logins. In most cases, all you need to set is RHOSTS and some combination of user/pass files; the autodiscovery should find the location of the NTLM authentication point as well as the AD domain, and use them accordingly.
- Rich Whitcroft
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use auxiliary/scanner/http/owa_ews_login msf auxiliary(owa_ews_login) > show actions ...actions... msf auxiliary(owa_ews_login) > set ACTION <action-name> msf auxiliary(owa_ews_login) > show options ...show and set options... msf auxiliary(owa_ews_login) > run