Skip to content
Ellis Springe edited this page Aug 9, 2024 · 4 revisions

Plugin Overview

The MSOL module is specific to managed Microsoft Online instances like Azure or a managed Office365 setup. This module can provide user enumeration and extra information about login attempts. If you want to spray Office365, you can use this module only if it is a Managed instance (not Federated).

This module was based off DaftHack's MSOLSpray tool, specifically the Python implementation of it here.

This spraying tool makes attempts against login.microsoft.com using the graph.windows.net resource

Unique Command Line Options

This plugin does not require any additional arguments.

Throttle Notes

Azure Smart Lockout can apply to rate limit requests, however I've only dealt with that for tools that do not rotate IP addresses. According to DaftHack's original MSOLSpray tool, he noted that it appeared to avoid getting blocked by Azure Smart Lockout during testing.

Example Command

python3 credmaster.py --access_key <key> --secret_access_key <key> \
    --plugin msol \
    -u userfile.txt -p passfile.txt -a useragents.txt -o outputfile \
    -t 5 -j 20 -m 10 -d 360 --passwordsperdelay 3
Clone this wiki locally