byt3bl33d3r / SprayingToolkit

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
GNU General Public License v3.0
1.45k stars 267 forks

Atomizer is showing valid credentials when actually failing #7

Closed qgrosperrin closed 5 years ago

qgrosperrin commented 5 years ago

The message returned by Lync sprayer is invalid in some scenarios where the following message is returned in the SOAP response for the authentication request:

AADSTS50034: The user account Microsoft.AzureAD.Telemetry.Diagnostics.PII does not exist in the <domain> directory. To sign into this application, the account must be added to the directory.

The tool actually prints "Found credentials:... " in that case.

byt3bl33d3r commented 5 years ago

Good to know, I'll update it when I can. Cheers

mlinton commented 5 years ago

I'm also getting this error on an engagement. Just wondering what the test case is here - as it might seem that the client is in the process of transitioning to the o365 environment.
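
A regression case for the false positive reported in this issue, as an added example that is not SprayingToolkit's code: a result counts as valid only when the response carries a positive success marker, and any SOAP fault or AADSTS error code fails closed. The SOAP bodies are constructed, and the envelope layout, the `classify` and `naive_is_valid` names, and the denylist check are assumptions for illustration.

```python
import re
import xml.etree.ElementTree as ET

AADSTS_RE = re.compile(r"\bAADSTS(\d+)\b")

# Constructed sample bodies, not captured traffic. The element layout is an
# assumption; only the AADSTS50034 code comes from the issue report.
FAULT_BODY = """<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Body><s:Fault>
    <s:Code><s:Value>s:Sender</s:Value></s:Code>
    <s:Reason><s:Text xml:lang="en-US">AADSTS50034: The user account does
      not exist in the example.test directory.</s:Text></s:Reason>
  </s:Fault></s:Body>
</s:Envelope>"""

TOKEN_BODY = """<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
  <s:Body><t:RequestSecurityTokenResponse>
    <t:RequestedSecurityToken>constructed-placeholder</t:RequestedSecurityToken>
  </t:RequestSecurityTokenResponse></s:Body>
</s:Envelope>"""


def naive_is_valid(body):
    """Hypothetical denylist check: anything that is not a known failure
    string counts as success, so an unexpected error reads as a hit."""
    return "invalid credentials" not in body.lower()


def classify(body):
    """Return (valid, reason); only a token element counts as success."""
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return False, "unparseable"
    # Compare local element names so namespace prefixes do not matter.
    names = {el.tag.rsplit("}", 1)[-1] for el in root.iter()}
    code = AADSTS_RE.search(body)
    if code:
        return False, "AADSTS" + code.group(1)
    if "Fault" in names:
        return False, "fault"
    if "RequestedSecurityToken" in names:
        return True, "token"
    return False, "no-token"


if __name__ == "__main__":
    for name, body in (("fault", FAULT_BODY), ("token", TOKEN_BODY)):
        print(name, "naive:", naive_is_valid(body), "strict:", classify(body))
```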