module
OWA Exchange Web Services (EWS) Login Scanner
| Disclosed | Created |
|---|---|
| N/A | May 30, 2018 |
Disclosed
N/A
Created
May 30, 2018
Description
This module attempts to log in to the Exchange Web Services, often
exposed at https://example.com/ews/, using NTLM authentication. This
method is faster and simpler than traditional form-based logins.
In most cases, all you need to set is RHOSTS and some combination of
user/pass files; the autodiscovery should find the location of the NTLM
authentication point as well as the AD domain, and use them accordingly.
exposed at https://example.com/ews/, using NTLM authentication. This
method is faster and simpler than traditional form-based logins.
In most cases, all you need to set is RHOSTS and some combination of
user/pass files; the autodiscovery should find the location of the NTLM
authentication point as well as the AD domain, and use them accordingly.
Author
Rich Whitcroft
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.