Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/sensepost/ruler

A tool to abuse Exchange services
https://github.com/sensepost/ruler

exchange mapi pentesting shells

Last synced: 2 days ago
JSON representation

A tool to abuse Exchange services

Host: GitHub
URL: https://github.com/sensepost/ruler
Owner: sensepost
License: other
Created: 2016-08-18T15:05:13.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2024-06-10T11:03:07.000Z (6 months ago)
Last Synced: 2024-11-26T07:02:47.664Z (16 days ago)
Topics: exchange, mapi, pentesting, shells
Language: Go
Size: 7.3 MB
Stars: 2,171
Watchers: 99
Forks: 358
Open Issues: 14
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-tools - ruler - A tool to abuse Exchange services (Asset Discovery / Business Communication Infrastructure Discovery)
Awesome-Asset-Discovery - ruler
awesome-hacking-lists - sensepost/ruler - A tool to abuse Exchange services (Go)

README

        # Introduction

Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol. The main aim is abuse the client-side Outlook features and gain a shell remotely.

The full low-down on how Ruler was implemented and some background regarding MAPI can be found in our blog posts:

* [Ruler release]

* [Pass the Hash with Ruler]

* [Outlook forms and shells]

* [Outlook Home Page – Another Ruler Vector]

For a demo of it in action: [Ruler on YouTube]

## What does it do?

Ruler has multiple functions and more are planned. These include

* Enumerate valid users

* Create new malicious mail rules

* Dump the Global Address List (GAL)

* VBScript execution through forms

* VBScript execution through the Outlook Home Page

Ruler attempts to be semi-smart when it comes to interacting with Exchange and uses the Autodiscover service (just as your Outlook client would) to discover the relevant information.

# Getting Started

Compiled binaries for Linux, OSX and Windows are available. Find these in [Releases]

information about setting up Ruler from source is found in the [getting-started guide].

# Usage

Ruler has multiple functions, these have their own documentation that can be found in the [wiki]:

* [BruteForce] -- discover valid user accounts

* [Rules] -- perform the traditional, rule based attack

* [Forms] -- execute VBScript through forms

* [Homepage] -- use the Outlook 'home page' for shell and persistence

* [GAL] -- grab the Global Address List

# Attacking Exchange

The library included with Ruler allows for the creation of custom message using MAPI. This along with the Exchange documentation is a great starting point for new research. For an example of using this library in another project, see [SensePost Liniaal].

# License

[![License: CC BY-NC-SA 4.0](https://img.shields.io/badge/License-CC%20BY--NC--SA%204.0-lightgrey.svg)](http://creativecommons.org/licenses/by-nc-sa/4.0/)

Ruler is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (http://creativecommons.org/licenses/by-nc-sa/4.0/) Permissions beyond the scope of this license may be available at http://sensepost.com/contact/.

[Ruler Release]: 

[Pass the hash with Ruler]: 

[Outlook forms and shells]: 

[Outlook Home Page – Another Ruler Vector]: 

[Ruler on YouTube]:

[Releases]: 

[SensePost Liniaal]:

[wiki]:

[BruteForce]:

[Rules]:

[Forms]:

[Homepage]:

[GAL]:

[getting-started guide]: