-->

Msprobe - Finding All Things On-Prem Microsoft For Password Spraying And Enumeration


Finding all things on-prem Microsoft for password spraying and enumeration.

The tool will used a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. Screenshots of the tool in action are below:


Installing

Install the project using pipx

pipx install git+https://github.com/puzzlepeaches/msprobe.git

Usage

The tool has four different modules that assist with the discovery of on-prem Microsoft products:

  • Exchange
  • RD Web
  • ADFS
  • Skype for Business

The help menu and supported modules are shown below:

Usage: msprobe [OPTIONS] COMMAND [ARGS]...  Find Microsoft Exchange, RD Web, ADFS, and Skype instancesOptions:  --help  Show this message and exit.Commands:  adfs   Find Microsoft ADFS servers  exch   Find Microsoft Exchange servers  full   Find all Microsoft supported by msprobe  rdp    Find Microsoft RD Web servers  skype  Find Microsoft Skype servers

Examples

Find ADFS servers associated with apex domain:

msprobe adfs acme.com

Find RD Web servers associated with apex domain with verbose output:

msprobe rdp acme.com -v

Find all Microsoft products hostsed on-prem for a domain:

msprobe full acme.com

Coming Soon

  • Full wiki for each module
  • Fixes for lxml based parsing in RD Web module

Acknowledgements



Disqus Comments