Penetrate your OWA
Author(s): Nate Power

Date: August 2014
Publication: Passwords14 Las Vegas
Source: Currently no known Internet copy of paper.

Abstract:
A ‘black box’ review of Microsoft’s Outlook Wep App(OWA) revealed several vulnerabilities. This includes a time based authentication attack that allows attackers to validate realms and usernames existing in Active Directory. We will discuss how these vulnerabilities can be leveraged during a pentest.

PasswordResearch.com Note: Video of presentation available: https://www.youtube.com/watch?v=n7DpxKa43k4


Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com