Bypassing MFA
Since the engagement is an external pentest, there usually isn't any social engineering or interaction with users available to bypass MFA. This leaves us with limited attack options.
MFASweep and ropci are great tools to bypass MFA. Using MailSniper, Exchange Web Services (EWS) can be used instead of Outlook to authenticate to O365.
MailSniper will then parse through the emails, hunting for passwords.
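From the defender's side, the gap described above shows up in Entra ID sign-in logs as a successful single-factor sign-in over EWS, another legacy client, or the ROPC flow. The following is an added example, not part of the original page: it assumes records shaped like Microsoft Graph `signIn` objects (`authenticationProtocol` is treated as optional), and the sample data and the `mfa_gap_signins` helper are constructed for illustration.

```python
# Constructed sample records in the shape of Microsoft Graph signIn objects.
SAMPLE_SIGNINS = [
    {"userPrincipalName": "alice@example.com", "clientAppUsed": "Browser",
     "authenticationRequirement": "multiFactorAuthentication",
     "ipAddress": "198.51.100.10", "status": {"errorCode": 0}},
    {"userPrincipalName": "alice@example.com",
     "clientAppUsed": "Exchange Web Services",
     "authenticationRequirement": "singleFactorAuthentication",
     "ipAddress": "203.0.113.7", "status": {"errorCode": 0}},
    {"userPrincipalName": "bob@example.com",
     "clientAppUsed": "Exchange Web Services",
     "authenticationRequirement": "singleFactorAuthentication",
     "ipAddress": "203.0.113.7", "status": {"errorCode": 50126}},
    {"userPrincipalName": "carol@example.com",
     "clientAppUsed": "Mobile Apps and Desktop clients",
     "authenticationRequirement": "singleFactorAuthentication",
     "authenticationProtocol": "ropc",  # assumed optional field
     "ipAddress": "203.0.113.7", "status": {"errorCode": 0}},
]

# Client app values that indicate legacy authentication.
LEGACY_CLIENTS = {"Exchange Web Services", "Exchange ActiveSync", "IMAP4",
                  "POP3", "Authenticated SMTP", "Other clients"}

def is_success(rec):
    return rec.get("status", {}).get("errorCode") == 0

def mfa_gap_signins(records):
    """Flag successful single-factor sign-ins over a legacy client or ROPC."""
    # Users who do get an MFA requirement on some other path: for them a
    # single-factor success means the policy does not cover every protocol.
    mfa_users = {r["userPrincipalName"] for r in records
                 if is_success(r) and r.get("authenticationRequirement")
                 == "multiFactorAuthentication"}
    findings = []
    for r in records:
        if not is_success(r):
            continue  # failed attempts are spraying noise, not a bypass
        if r.get("authenticationRequirement") != "singleFactorAuthentication":
            continue
        if r.get("authenticationProtocol") == "ropc":
            reason = "ropc"
        elif r.get("clientAppUsed") in LEGACY_CLIENTS:
            reason = r["clientAppUsed"]
        else:
            continue
        findings.append({"user": r["userPrincipalName"], "reason": reason,
                         "ip": r["ipAddress"],
                         "mfa_elsewhere": r["userPrincipalName"] in mfa_users})
    return findings
```

A finding with `mfa_elsewhere` set to true is the stronger signal: the same account is challenged for MFA in the browser but not over the flagged protocol.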