Penetrate your OWA
Date: August 2014
Publication: Passwords14 Las Vegas
Source: Currently no known Internet copy of paper.
A ‘black box’ review of Microsoft’s Outlook Wep App(OWA) revealed several vulnerabilities. This includes a time based authentication attack that allows attackers to validate realms and usernames existing in Active Directory. We will discuss how these vulnerabilities can be leveraged during a pentest.
PasswordResearch.com Note: Video of presentation available: https://www.youtube.com/watch?v=n7DpxKa43k4
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.