thumbscr-ews – a python EWS tool
Something I have found myself doing more and more often is using Exchange Web Services (EWS) to bypass 2FA. I do this so that I could look through mail for accounts I have compromised. The 2FA bypass is due to a common misconfiguration which can leave EWS unprotected, and has been known about for ages, mostly from the Black Hills post in 2016. However, most of the tooling appears to…
Page 1 of 1