Paid Advertising is
ha.ckers sla.cking
Whether this is about, or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
OWABF - Outlook Web Access Brute Forcer
Posted by: levaja
Date: March 09, 2009 08:18AM

OWABF can attack OWA/Exchange 2003 & 2007 form based authentication.
It has log/resume option, userlist, passlist, owa version...
You can download it from:

Usage is very simple: -s https://someserver -u userlist.txt -p passlist -v 2
If you don't specify passlist, owabf expects to find separate passlist for every username in the userlist.txt. In that case, password files must be named exactly as usernames, eg:

Next version will probably be merged with WMAT (,26600).

There is a lot of room for improvement (see TODO section in python source).
Community help is appreciated. I am very thankful for your ideas, comments...

Dejan Levaja
Network Security Solutions d.o.o.

Options: ReplyQuote

Sorry, only registered users may post in this forum.