ExchangeRelayX – Exchange中继/重放脚本
工具介绍
ExchangeRelayX是一个python编写的exchange脚本,通过反向代理原始的owa服务器,然后利用其xml接口去访问原始服务器,达到劫持请求,NTML重放等攻击
Features
Raw XML Access to the EWS server, so you can send requests to functions and features that were not pre-programmed in exchangeRelayx
Add redirecting rules to the victim's email for backdooring
Download all attachments of the user, inbox and sent
Search the global address book tied to Active Directory
Send emails, with attachments, as the victim - the emails will not be stored in the user's sent folder
使用方法
pip install -r requirements.txt
./exchangeRelayx.py -t https://mail.quickbreach.com
下载地址
https://github.com/quickbreach/ExchangeRelayX
文章出处:黑客工具箱