azure_enum 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +9 -0
- data/README.md +44 -1
- data/exe/azure_enum +6 -1
- data/lib/azure_enum.rb +29 -15
- data/lib/azure_enum/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6fdc83880b2b733e7d62d3547acddfaf63545d96fe971e40476141aff0478a41
|
|
4
|
+
data.tar.gz: f41d54b8da002a67330179fe77f64dd419fd7588494fa1f0b2bdd0384f92d98c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a3a494b52395dac75e451203506bd73b3f17613fbe28c4716837d6299363379df4220bdad19da13ce144d16f3ed3be499c0188fed1161301d975f89c23394d93
|
|
7
|
+
data.tar.gz: 601600c96b145a70524b6b390f30caee359451e49e9398fa7e04e242e5c9264936db14783d4b1c510a7c684361efab7d05728032289d82f733a17957bdcfd876
|
data/.rubocop.yml
CHANGED
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# AzureEnum
|
|
2
2
|
|
|
3
|
-
This Ruby Gem assists in enumeration of Office 365 federated domains. This can allow you to identify domains associated with a business, not easily identified through traditional means.
|
|
3
|
+
This Ruby Gem assists in enumeration of Office 365 or Exchange on-premise federated domains. This can allow you to identify domains associated with a business, not easily identified through traditional means. The examples below demonstrate how output can be interesting.
|
|
4
4
|
|
|
5
5
|
The time this process takes can vary from a few seconds to a few minutes depending on the hosting server.
|
|
6
6
|
## Installation
|
|
@@ -37,6 +37,44 @@ lolzware.onmicrosoft.com
|
|
|
37
37
|
lolware.net
|
|
38
38
|
```
|
|
39
39
|
|
|
40
|
+
## Examples
|
|
41
|
+
|
|
42
|
+
The following examples against some random domains demonstrate the tools capabilities.
|
|
43
|
+
|
|
44
|
+
```
|
|
45
|
+
$ azure_enum afl.com.au
|
|
46
|
+
Please wait while the given domain is enumerated.
|
|
47
|
+
afl.com.au
|
|
48
|
+
aflnt.com.au
|
|
49
|
+
ntthunder.com.au
|
|
50
|
+
aflgoulburnmurray.com.au
|
|
51
|
+
aflwesterndistrict.com.au
|
|
52
|
+
aflgippsland.com.au
|
|
53
|
+
aflyarraranges.com.au
|
|
54
|
+
|
|
55
|
+
$ azure_enum kmart.com.au
|
|
56
|
+
Please wait while the given domain is enumerated.
|
|
57
|
+
kmart.com.au
|
|
58
|
+
KASAsia.com
|
|
59
|
+
|
|
60
|
+
$ azure_enum microsoft.com
|
|
61
|
+
Please wait while the given domain is enumerated.
|
|
62
|
+
corp.webtv.net
|
|
63
|
+
microsoft.onmicrosoft.com
|
|
64
|
+
surface.com
|
|
65
|
+
bungie.com
|
|
66
|
+
navic.tv
|
|
67
|
+
middleeast.corp.microsoft.com
|
|
68
|
+
wingroup.windeploy.ntdev.microsoft.com
|
|
69
|
+
exchangecalendarsharing.com
|
|
70
|
+
redmond.corp.microsoft.com
|
|
71
|
+
northamerica.corp.microsoft.com
|
|
72
|
+
bing.com
|
|
73
|
+
corp.microsoft.com
|
|
74
|
+
placeware.com
|
|
75
|
+
(snip large list)
|
|
76
|
+
```
|
|
77
|
+
|
|
40
78
|
## Development
|
|
41
79
|
|
|
42
80
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
@@ -46,6 +84,11 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
|
|
|
46
84
|
## Contributing
|
|
47
85
|
|
|
48
86
|
Bug reports and pull requests are welcome on GitHub at https://github.com/technion/azure_enum.
|
|
87
|
+
Sometimes you get this output:
|
|
88
|
+
|
|
89
|
+
Unknown key: Max-Age = 31536000
|
|
90
|
+
|
|
91
|
+
It seems to be a known bug in HTTPClient.
|
|
49
92
|
|
|
50
93
|
## License
|
|
51
94
|
|
data/exe/azure_enum
CHANGED
|
@@ -8,5 +8,10 @@ if (ARGV.length == 0)
|
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
puts "Please wait while the given domain is enumerated."
|
|
11
|
-
|
|
11
|
+
domains = AzureEnum.federated(ARGV[0])
|
|
12
|
+
if (!domains || domains == [])
|
|
13
|
+
puts "Unfortunately this domain cannot be enumerated"
|
|
14
|
+
exit
|
|
15
|
+
end
|
|
12
16
|
|
|
17
|
+
puts domains
|
data/lib/azure_enum.rb
CHANGED
|
@@ -3,7 +3,9 @@ require "erb"
|
|
|
3
3
|
require "httpclient"
|
|
4
4
|
require "nokogiri"
|
|
5
5
|
|
|
6
|
+
# Azure and Exchange federated domain enumerator
|
|
6
7
|
module AzureEnum
|
|
8
|
+
# Class initializes with a domain name, and provides methods to interact with MS Autodiscover
|
|
7
9
|
class Federation
|
|
8
10
|
def initialize(domain)
|
|
9
11
|
@domain = domain
|
|
@@ -11,6 +13,7 @@ module AzureEnum
|
|
|
11
13
|
@redirect = nil
|
|
12
14
|
end
|
|
13
15
|
|
|
16
|
+
# This will identify if the http:// redirect exists for the domain, usually per Office 365
|
|
14
17
|
def check_redirect
|
|
15
18
|
url = "http://autodiscover.#{@domain}/autodiscover/autodiscover.svc"
|
|
16
19
|
begin
|
|
@@ -24,8 +27,8 @@ module AzureEnum
|
|
|
24
27
|
|
|
25
28
|
def enumerate_autodisc
|
|
26
29
|
httpsdomains = [
|
|
27
|
-
"https
|
|
28
|
-
"https
|
|
30
|
+
"https://autodiscover.#{@domain}/autodiscover/autodiscover.svc",
|
|
31
|
+
"https://#{@domain}/autodiscover/autodiscover.svc"
|
|
29
32
|
]
|
|
30
33
|
|
|
31
34
|
httpsdomains.unshift @redirect if @redirect
|
|
@@ -36,47 +39,58 @@ module AzureEnum
|
|
|
36
39
|
content = { "Content-Type" => "text/xml; charset=utf-8" }
|
|
37
40
|
res = http.post(url, xml, content)
|
|
38
41
|
@xml_text = res.content
|
|
39
|
-
return
|
|
40
|
-
|
|
42
|
+
return true
|
|
43
|
+
# It is bad style to rescue "all" errors. However, it turns out there is a practically
|
|
44
|
+
# never ending list of ways this can fail. And "any" failure is reason to rule out the address
|
|
41
45
|
rescue
|
|
42
46
|
next
|
|
43
47
|
end
|
|
44
48
|
end
|
|
49
|
+
return false
|
|
45
50
|
end
|
|
51
|
+
|
|
46
52
|
def getdomains
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
node.text
|
|
54
|
-
end
|
|
53
|
+
raise "enumumerate_autodisc not called yet" unless @xml_text
|
|
54
|
+
tree = Nokogiri.parse(@xml_text)
|
|
55
|
+
tree.xpath(
|
|
56
|
+
"//ad:GetFederationInformationResponseMessage/ad:Response/ad:Domains/ad:Domain",
|
|
57
|
+
ad: "http://schemas.microsoft.com/exchange/2010/Autodiscover"
|
|
58
|
+
).map(&:text)
|
|
55
59
|
end
|
|
56
60
|
|
|
57
61
|
private
|
|
62
|
+
|
|
63
|
+
# This is an internal class just to pass the correct structure to ERB in get_xml
|
|
58
64
|
class Discovery
|
|
59
65
|
def initialize(domain, url)
|
|
60
66
|
@domain = domain
|
|
61
67
|
@url = url
|
|
62
68
|
end
|
|
69
|
+
|
|
63
70
|
def get_binding
|
|
64
71
|
binding
|
|
65
72
|
end
|
|
66
73
|
end
|
|
74
|
+
|
|
67
75
|
def get_xml(domain, url)
|
|
68
|
-
|
|
76
|
+
path = File.dirname __dir__
|
|
77
|
+
template = File.read(File.join(path, "discovery.xml.erb"))
|
|
69
78
|
renderer = ERB.new(template)
|
|
70
79
|
discovery = Discovery.new(domain, url)
|
|
71
80
|
renderer.result(discovery.get_binding)
|
|
72
81
|
end
|
|
73
82
|
end
|
|
83
|
+
|
|
84
|
+
# This is the intended API: runs each step of the enumeration process and returns a result
|
|
74
85
|
class << self
|
|
75
86
|
def federated(domain)
|
|
76
87
|
e = Federation.new(domain)
|
|
77
88
|
e.check_redirect
|
|
78
|
-
e.enumerate_autodisc
|
|
79
|
-
|
|
89
|
+
if e.enumerate_autodisc
|
|
90
|
+
e.getdomains
|
|
91
|
+
else
|
|
92
|
+
nil
|
|
93
|
+
end
|
|
80
94
|
end
|
|
81
95
|
end
|
|
82
96
|
end
|
data/lib/azure_enum/version.rb
CHANGED