Last updated 1 year ago
is a tool that attempts to identify Microsoft Exchange instances for a given domain based on the top common DNS names for Microsoft Exchange. Additionally, ExchangeFinder can identify the version of Microsoft Exchange utilized by the target.
# ExchangeFinder basic usage python3 exchangefinder.py --domain $domain
POST /autodiscover/autodiscover.xml HTTP/1.1 Host: exch01.parzival.sh User-Agent: Microsoft Office/16.0 (Windows NT 10.0; Microsoft Outlook 16.0.10730; Pro) Authorization: Basic Q09OVE9TT1x1c2VyMDE6UEBzc3cwcmQ= Content-Length: 341 Content-Type: text/xml <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006"> <Request> <EMailAddress>$email</EMailAddress> <AcceptableResponseSchema>http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a</AcceptableResponseSchema> </Request> </Autodiscover>
