OWA (Outlook Webapp) is vulnerable to time-based user enumeration attacks.
This module leverages all known, and even some lesser-known services exposed by default
Exchange installations to enumerate email.

Error-based user enumeration for Office 365 integrated email addresses

## Verification Steps

- Start `msfconsole`
- `use auxiliary/scanner/msmail/exchange_enum`
- `set (`EMAIL` or `EMAIL_FILE`)`
- `run`
- `creds`

*Results should look something like below if valid users were found:*

```
host      origin    service        public  private  realm  private_type
----      ------    -------        ------  -------  -----  ------------
<ip>      <ip>      443/tcp (owa)  chris@somecompany.com
```

Collaborative Calculation and Data Science

colby

sagemath

cornellcollege

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

Verification Steps

Product

Resources

Company

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more, all in one place.

Verification Steps

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.