mdsecresearch / lyncsniper Goto Github PK

Hello,

Tried to use it against my o365 setup and I'm getting the error "Direct login to WLID is not allowed for this federated namespace".

Did you ran against this issue ? Is anything can be done ?

Full XML Output:

<?xml version="1.0" encoding="utf-8"?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmln
s:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices
/SOAPFault"><S:Body><S:Fault><S:Code><S:Value>S:Sender</S:Value><S:Subcode><S:Value>wst:FailedAuthentication</S:Value></S:Subcode></S:Code><S:Reason><S:Text xml:lang="en-US">Authentication Failure</S:Text></S
:Reason><S:Detail><psf:error><psf:value>0x80048821</psf:value><psf:internalerror><psf:code>0x80047860</psf:code><psf:text>Direct login to WLID is not allowed for this federated namespace
</psf:text></psf:internalerror></psf:error></S:Detail></S:Fault></S:Body></S:Envelope>

When attempting to test this script, I have a users.txt file with one email address listed. Upon attempting the invoke-lyncspray, it fails on invalid credential provided at the command line. But when I use the correct password once (correctly shows the Found credentials message) subsequent calls also return the valid credential message even with invalid password entries.

I am issuing the following commands and nothing is happening, the script looks like it is trying to work but then it just drops me into a prompt again.

Import-Module .\LyncSniper.ps1 Invoke-LyncBrute -UserName [email protected] -PassList realhuman_phill.txt' -office365 -verbose

I am able to use Invoke-LyncBrute to validate the script and it works as intended, but Invoke-LyncSpray runs and crashes the ISE/PowerShell. Not sure what I can provide to help re-create it or debug the issue. Let me know how what information would help.

Update: looks like if you have a username.txt file with just one entry, the $username = $usernames[0] returns only the first character of the line which then fails to parse the URL from as there is no email suffix. If there are two entries it works however it appears that get-content is adding spaces into the object from the text file (not sure why its doing this) and on the space in between usernames the script throws an error.

Great script BTW - there seems to be quite a lot of functionality in the Lync client that could be exploited (turning on logging of IMs, extracting contact information (phone, email, location detail). This would be great to be integrated with the MailSniper tool.

"For more information on LyncSniper, check out this blog post."

Which blog post?

Hi there... Please let me know what I'm doing wrong. I do appreciate your help!

PS C:\Tools\LyncSniper-master> Import-Module .\LyncSniper.ps1
Add-Type : c:\Tools\LyncSniper-master\Tunable-SSL-Validator\TunableValidator.cs
(29) : Default parameter specifiers are not permitted
c:\Tools\LyncSniper-master\Tunable-SSL-Validator\TunableValidator.cs(28) :
c:\Tools\LyncSniper-master\Tunable-SSL-Validator\TunableValidator.cs(29) : >>>
public static void SetValidator(bool ignoreChainErrors = false, Hashtable
trustedCerts = null, bool showConsoleStandardOutput = true)
c:\Tools\LyncSniper-master\Tunable-SSL-Validator\TunableValidator.cs(30) :
{
At C:\Tools\LyncSniper-master\Tunable-SSL-Validator\TunableSSLValidator.psm1:1
char:9

• Add-Type <<<< -Path "${PSScriptRoot}\TunableValidator.cs"
  • CategoryInfo : InvalidData: (c:\Tools\LyncSn...e not permitted:
    CompilerError) [Add-Type], Exception
  • FullyQualifiedErrorId : SOURCE_CODE_ERROR,Microsoft.PowerShell.Commands.
    AddTypeCommand

Team,

Thank you for useful tool, but we are encountering the error. Guide me if I am missing something.

Above error appears in Win-7. But in Win-8 it works smooth.