![]() ![]() ![]() This basic technique was used with both Exchange 2007 and Exchange 2010 OWA installations. Microsoft could mitigate this by adding CSRF tokens to the form authentication template in OWA. A bad password takes the user to the real site with the expected error and a correct password takes them to the real site and logs them in. The result is a site that looks like the original and acts like the original. Add ProcessForms() and call this in the first line of clkLgn().Modify flogon.js to log prior to re-posting to the real OWA.Point the form POST to the real OWA portal.Rewrite the OWA HTML to change the links/images.Quick and dirty (and insecure) example:.Create a logging page (or just grep web logs for static content).IDN-style names can make this even harder to identify.even provides free SSL certificates as part of COM registration.Clone the target's existing OWA site to match graphics and versions.This technique relies on the following steps: In the course of an authorized security assessment this type of attack provides an initial foot in the door to the target organization and takes few resources to setup. The goal is to create a fake front-end to an organization's Outlook Web Access portal and convince users to login through this portal. This blog post describes a simple phishing attack covered in today's webcast. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |