Awesome
Basic usage: python owamails.py -u <url> -l <users.txt> -p <path>
optional arguments:
-h, --help show this help message and exit
-u URL, --url URL Url, provide schema and not final / (eg
https://example.org)
-l LIST, --list LIST Users mailbox list
-p PATH, --path PATH Path to write emails in xml format
-f FQDN, --fqdn FQDN FQDN
-d DOMAIN, --domain DOMAIN
Domain to check mailboxes (eg if .local dont work)
Check email boxes and download emails
basic:
python owamails.py -u https://127.0.0.1 -l users.txt -p downloads
don't get domain from headers:
python owamails.py -u https://127.0.0.1 -l users.txt -p downloads -d mydomain.local
don't get FQDN from headers:
python owamails.py -u https://127.0.0.1 -l users.txt -p downloads -f EXCH01
massive?:
for i in $(cat targets.txt); do echo $i && python3 owamails.py -u https://$i -l users.txt -p emails; done;
References:
- https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-work-with-exchange-mailbox-items-by-using-ews-in-exchange
- https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/
- https://www.praetorian.com/blog/reproducing-proxylogon-exploit/
fork form:
https://gitlab.com/gvillegas/ohwaa/