Skip to content

Hydra wrapper for bruteforcing Microsoft Outlook Web Application.

License

Notifications You must be signed in to change notification settings

p0dalirius/owabrute

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Hydra wrapper for bruteforcing Microsoft Outlook Web Application.
GitHub release (latest by date) YouTube Channel Subscribers

Dependencies

This script is based on hydra. You can install it with :

apt install hydra

Usage

bash$ ./owabrute.sh -h
Usage : ./owabrute.sh
      -d DOMAIN    : Target domain. Example : remote.targethost.co.uk
      -u USERSLIST : Path to wordlist of users to test
      -p PASSLIST  : Path to wordlist of passwords to test

Examples

Usage example against a test domain test.domain.net with ./users.txt and ./passwords.txt wordlists :

./owabrute.sh -d test.domain.net -u ./users.txt -p ./passwords.txt

If the files cannot be accessed, you will have a message indicating Could not access ressource :

bash$ ./owabrute.sh -d test.domain.net -u ./users.txt -p ./passwords.txt

 ██████╗ ██╗    ██╗ █████╗     ██████╗ ██████╗ ██╗   ██╗████████╗███████╗
██╔═══██╗██║    ██║██╔══██╗    ██╔══██╗██╔══██╗██║   ██║╚══██╔══╝██╔════╝
██║   ██║██║ █╗ ██║███████║    ██████╔╝██████╔╝██║   ██║   ██║   █████╗
██║   ██║██║███╗██║██╔══██║    ██╔══██╗██╔══██╗██║   ██║   ██║   ██╔══╝
╚██████╔╝╚███╔███╔╝██║  ██║    ██████╔╝██║  ██║╚██████╔╝   ██║   ███████╗
 ╚═════╝  ╚══╝╚══╝ ╚═╝  ╚═╝    ╚═════╝ ╚═╝  ╚═╝ ╚═════╝    ╚═╝   ╚══════╝

Hydra wrapper for bruteforcing Microsoft OWA.

DOMAIN    : test.domain.net
USERSLIST : ./users.txt
PASSLIST  : ./passwords.txt (Could not access ressource)

[WARN] Some resources could not be accessed. Aborting...

Additional references