-
Notifications
You must be signed in to change notification settings - Fork 126
O365Enum
The O365enum module is for users on Managed Office365 instances using the "login.microsoft.com" URL method. This only works for Managed environments, the script will warn if an unsupported domain is found in the users.
This plugin does not make an authentication request, it is solely user enumeration
This module was based off Joe Helle's Oh365UserFinder tool and Cameron Geehr's o365enum tool.
Plugin was compiled by Max Gruenberg
None
In requests, the site will respond with a "ThrottleStatus" variable. The script will warn if the request is throttled. Future functionality (unimplemented currently) would requeue throttled users with a time delay, to let the throttle lapse and get full coverage.
This has been tested with 15 threads and the entirety of statistically-likely-username's jsmith.txt userlist (~50k usernames). This resulted in zero throttling/rate-limiting from Microsoft.
python3 credmaster.py --access_key <key> --secret_access_key <key> \
--plugin o365enum \
-u userfile.txt -a useragents.txt -o outputfile \