Closed deterri closed 10 months ago
Any idea why this fails when running for o365 plugin? I've tested with two email accounts for which I know the password, across two domains configured to work with office 365.
config.json
{ "plugin" : "o365", "userfile" : "users.txt", "passwordfile" : "passwords.txt", "userpassfile" : null, "useragentfile" : "useragents.txt", "outfile" : "output.txt", "threads" : null, "region" : "us-east-1", "jitter" : 30, "jitter_min" : 4, "delay" : 1, "passwordsperdelay" : null, "randomize" : false, "header" : null, "weekday_warrior" : null, "color" : false, "trim" : false, "slack_webhook" : null, "pushover_token" : null, "pushover_user" : null, "discord_webhook" : null, "teams_webhook" : null, "keybase_webhook": null, "operator_id" : null, "exclude_password" : false, "access_key" : "access_key", "secret_access_key" : "secret_access_key", "session_token" : null, "profile_name" : null }
Output
python credmaster.py --config config.json [2023-10-02 21:02:22.543] Execution started at: 2023-10-02 21:02:22.543404 [2023-10-02 21:02:22.543] Creating 1 API Gateways for https://autodiscover-s.outlook.com [2023-10-02 21:02:23.305] Created API - Region: us-east-1 ID: (ID) - https://ID.execute-api.us-east-1.amazonaws.com/fireprox/ => https://autodiscover-s.outlook.com [2023-10-02 21:02:24.064] Testconnect: Connection success, continuing [2023-10-02 21:02:24.065] Total Regions Available: 15 [2023-10-02 21:02:24.065] Total API Gateways: 1 [2023-10-02 21:02:24.065] Starting Spray... [2023-10-02 21:02:24.065] Loading credentials from users.txt with password KNOWN_PASSWORD DEBUG <Response [401]> DEBUG <?xml version="1.0" encoding="utf-8"?> <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response> <Error Time="ERROR_TIME" Id="RANDOM_ID"> <ErrorCode>600</ErrorCode> <Message>Invalid Request</Message> <DebugData /> </Error> </Response> </Autodiscover> [2023-10-02 21:02:43.332] us-east-1: [-] FAILURE: KNOWN_USER@domain.com:KNOWN_PASSWORD [2023-10-02 21:02:43.333] Completed spray with password KNOWN_PASSWORD at 2023-10-02 21:02:43.333070 [2023-10-02 21:02:43.447] Destroying API (ID) in region us-east-1 [2023-10-02 21:02:44.122] End Time: 2023-10-02 21:02:44.122729 [2023-10-02 21:02:44.123] Total Execution: 21.579325 seconds [2023-10-02 21:02:44.123] Valid credentials identified: 0
Any idea why this fails when running for o365 plugin? I've tested with two email accounts for which I know the password, across two domains configured to work with office 365.
config.json
Output