Penetrate your OWA

DerbyCon 4.0 - Family Rootz

Presented by: Nate Power
Date: Saturday September 27, 2014
Time: 13:30 - 13:55
Location: Stable Talks

A ‰’black box‰’ review of Microsoft‰’s Outlook Wep App(OWA) revealed several vulnerabilities. This includes a time based authentication attack that allows attackers to validate realms and usernames existing in Active Directory. We will discuss how these vulnerabilities can be leveraged during a pentest.

Nate Power


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats