Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts.

Last update: Jan 02, 2023

Overview

Oh365 User Finder

Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts. The tool parses responses to identify the "IfExistsResult" flag is null or not, and responds appropriately if the user is valid.

Usage

Installing Oh365UserFinder

git clone https://github.com/dievus/Oh365UserFinder.git

Change directories to Oh365UserFinder and run:

pip3 install -r requirements.txt

This will run the install script to add necessary dependencies to your system.

python3 Oh365UserFinder.py -h

This will output the help menu, which contains the following flags:

-h, --help - Lists the help options

-e, --email - Required for running Oh365UserFinder against a single email account

-r, --read - Reads from a text file containing emails (ex. -r emails.txt)

-w, --write - Writes valid emails to a text document (ex. -w validemails.txt)

-t, --threading - Sets a pause between attempts in seconds (ex. -t 60)

-v, --verbose - Outputs test verbosely; note that you must use y to run verbosely (ex. -v y)

Examples of full commands include:

python3 o365UserFinder.py -e [email protected]

python3 Oh365UserFinder.py -r emails.txt -w validemails.txt

python3 Oh365UserFinder.py -r emails.txt -w validemails.txt -t 30 -v y

Notes

Make note that Microsoft does have some defense in place that can, from time to time, provide false positives in feedback. If you suspect that this is occurring take a pause in testing, and return and increase the duration between attempts using the -t flag.

Acknowledgements

This project is based on a previous tool named o365Creeper developed by Korey Mckinley that was last supported in 2019, and developed in Python2.

Comments

Invalid 'NoneType' argument for int() function
Hi @dievus , first I want to thank you for the great tool.

As shown in the images below, when using the tool without the -l / --lockout argument, after a LOCKOUT occurrence, an exception occurs that breaks the password spray flow.

Error :

No Error:

This error occurs because on line 276, the -l / --lockout argument is multiplied by the integer value 60. If the parameter is not defined by the user, the type of the 'lockout' variable is defined as NoneType, which by in turn, it cannot receive arithmetic operations with an integer value, causing the error.

Suggestions:

[x] Create a condition that checks if the -l or --lockout argument was defined by the user at script execution, otherwise it sets a default value (1 maybe) or returns to the help menu and 'forces' the user to use the -l / --lockout argument.
opened by FroydCod3r 3
Enhancement - check whether the IP address is being throttled

The results may get throttled - in that case you'll be returned with false positives (i.e. it always returns "IfExistsResults":0). You can check throttle by looking whether "ThrottleStatus":1.

If would be nice to return a warning in this case.
enhancement good first issue

opened by tautology0 3
Domain Check - Unknown, Managed, Federated

https://github.com/dievus/Oh365UserFinder/blob/main/oh365userfinder.py#L204 valid_response = re.search('"NameSpaceType":"Managed",', response)

Microsoft outline that there are different namespace types besides Unknown and Managed. As far as I can tell, there is also, Federated which can be seen here for my local university. https://login.microsoftonline.com/[email protected]

Potentially consider that the regex should check for the word Unknown and change the response to a negative if returned true.

opened by ILightThings 2
invalid email cache & sleep on throttle
Keep record of invalid emails and skip if an email has already been deemed invalid

When throttling is enabled, sleep and then retry

Appends domain if specified (for use with wordlists without email domain)
opened by chrismeistre 1
Add a shebang so we can be lazy

The script doesn't have the traditional shebang of: #!/usr/bin/env python3

So it can't be directly run from the shell. Any chance this could be added to help us lazy people?
enhancement

opened by tautology0 1

Releases(v1.1.0)

v1.1.0(Jun 25, 2022)

v1.1.0 includes password spraying.
Source code(tar.gz)
Source code(zip)
oh365userfinder.py(17.65 KB)
requirements.txt(33 bytes)
v1.0.1(Nov 22, 2021)

Source code(tar.gz)
Source code(zip)
Oh365UserFinder.exe(9.38 MB)
v1.0.0(Nov 17, 2021)

Source code(tar.gz)
Source code(zip)
Oh365UserFinder.exe(9.38 MB)

Owner

Joe Helle

Also known as the Mayor

GitHub Repository

Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)

Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation). Installtion $ pip3 install impacket Usage Impacket v0.9.23 -

250 Dec 31, 2022

IDAPatternSearch adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format.

IDA Pattern Search by Argus Cyber Security Ltd. The IDA Pattern Search plugin adds a capability of finding functions according to bit-patterns into th

48 Dec 29, 2022

Security system to prevent Shoulder Surfing Attacks

Surf_Sec Security system to prevent Shoulder Surfing Attacks. REQUIREMENTS: Python 3.6+ XAMPP INSTALLED METHOD TO CONFIGURE PROJECT: Clone the repo to

1 Jan 27, 2022

Scout Suite - an open source multi-cloud security-auditing tool,

Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t

5k Jan 05, 2023

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an

861 Feb 18, 2021

Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts.

Related tags

Overview

Oh365 User Finder

Usage

Notes

Acknowledgements

Comments

Invalid 'NoneType' argument for int() function

Enhancement - check whether the IP address is being throttled

Domain Check - Unknown, Managed, Federated

invalid email cache & sleep on throttle

Add a shebang so we can be lazy

Releases(v1.1.0)

v1.1.0(Jun 25, 2022)

v1.0.1(Nov 22, 2021)

v1.0.0(Nov 17, 2021)

Owner

Joe Helle

Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)

IDAPatternSearch adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format.

Security system to prevent Shoulder Surfing Attacks

Scout Suite - an open source multi-cloud security-auditing tool,

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

PKUAutoElective for 2021 spring semester

adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities

log4j-tools: CVE-2021-44228 poses a serious threat to a wide range of Java-based applications

PoC encrypted diary in Python 3

QHack-2022 - Solutions to the Coding Challenges of QHack 2022

👑 Discovery Header DoD Bug-Bounty

Description Basic Recon tool for beginners. Especially those who faces issue on how to recon or what all tools to use

Fuck - Multi Brute Force 🚶‍♂

Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

A Python r2pipe script to automatically create a Frida hook to intercept TLS traffic for Flutter based apps

An intranet tool for easily intranet pentesting

Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077

A gui application used for network reconnaissance while pentesting

Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. (Released due to exposure)