MSOL
knavesec edited this page Mar 22, 2021
·
3 revisions
The MSOL module is specific to managed Microsoft Online instances like Azure or a managed Office365 setup. This module can provide user enumeration and extra information about login attempts. If you want to spray Office365, you can use this module only if it is a Managed instance (not Federated).
This module was based off DaftHack's MSOLSpray tool, specifically the Python implementation of it here.
This plugin does not require any additional arguments.
Azure Smart Lockout can apply to rate limit requests, however I've only dealt with that for tools that do not rotate IP addresses. According to DaftHack's original MSOLSpray tool, he noted that it appeared to avoid getting blocked by Azure Smart Lockout during testing.
python3 credmaster.py --access_key <key> --secret_access_key <key> \
--plugin msol \
-u userfile.txt -p passfile.txt -a useragents.txt -o outputfile \
-t 5 -j 20 -m 10 -d 360 --passwordsperdelay 3