https://github.com/puzzlepeaches/msprobe

Finding all things on-prem Microsoft for password spraying and enumeration.
https://github.com/puzzlepeaches/msprobe

adfs exchange microsoft ntlm password-spraying rdweb skype spraying

Last synced: 3 months ago
JSON representation

Finding all things on-prem Microsoft for password spraying and enumeration.

• Host: GitHub
• URL: https://github.com/puzzlepeaches/msprobe
• Owner: puzzlepeaches
• License: bsd-3-clause
• Created: 2022-02-07T23:22:30.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2022-05-17T13:39:51.000Z (about 4 years ago)
• Last Synced: 2023-11-07T15:23:28.335Z (over 2 years ago)
• Topics: adfs, exchange, microsoft, ntlm, password-spraying, rdweb, skype, spraying
• Language: Python
• Homepage:
• Size: 67.4 KB
• Stars: 244
• Watchers: 8
• Forks: 33
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# msprobe

+ [About](#about)

+ [Installing](#installing)

+ [Usage](#usage)

+ [Examples](#examples)

+ [Coming Soon](#coming)

+ [Acknowledgements](#acknowledgements)

## About 

Finding all things on-prem Microsoft for password spraying and enumeration. 

The tool will used a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. Screenshots of the tool in action are below:

![FLqt1cWXEAklMP1](https://user-images.githubusercontent.com/8538866/163191875-61040ed3-b318-4ad4-97c1-c06fb3f7eeba.jpeg)

### Installing 

Install the project using [pipx](https://pypa.github.io/pipx/installation/)

```

pipx install git+https://github.com/puzzlepeaches/msprobe.git

```

## Usage 

The tool has four different modules that assist with the discovery of on-prem Microsoft products:

* Exchange

* RD Web

* ADFS

* Skype for Business

The help menu and supported modules are shown below:

```

Usage: msprobe [OPTIONS] COMMAND [ARGS]...

  Find Microsoft Exchange, RD Web, ADFS, and Skype instances

Options:

  --help  Show this message and exit.

Commands:

  adfs   Find Microsoft ADFS servers

  exch   Find Microsoft Exchange servers

  full   Find all Microsoft supported by msprobe

  rdp    Find Microsoft RD Web servers

  skype  Find Microsoft Skype servers

```

## Examples 

Find ADFS servers associated with apex domain:

```

msprobe adfs acme.com

```

Find RD Web servers associated with apex domain with verbose output:

```

msprobe rdp acme.com -v

```

Find all Microsoft products hostsed on-prem for a domain:

```

msprobe full acme.com

```

## Coming Soon 

- Full wiki for each module

- Fixes for lxml based parsing in RD Web module

## Acknowledgements 

- [@p0dalirius](https://twitter.com/intent/follow?screen_name=podalirius_) for [RDWArecon](https://github.com/p0dalirius/RDWArecon) 

- [@b17zr](https://twitter.com/b17zr) for the `ntlm_challenger.py` script

- [@ReverendThing](https://github.com/ReverendThing) for his project [Carnivore](https://github.com/ReverendThing/Carnivore) and it's included subdomains

- [@busterbcook](https://twitter.com/busterbcook) and their tool [msmailprobe](https://github.com/busterb/msmailprobe) heavily influenced the creation of this project