Outlook and Exchange for the Bad Guys

DerbyCon 6.0 - Recharge

Presented by: Nick Landers
Date: Friday September 23, 2016
Time: 18:00 - 18:50
Location: Regency Center
Track: Fix Me

External mail via Exchange is one of the most common services offered by organizations today. The Microsoft Office suite is even more prevalent making Outlook the most common mail client around. This talk focuses on the abuse of these two products for the purpose of gaining code execution inside remote networks. Subjects include E-Mail and password scraping, OWA/EWS brute forcing techniques, and new research into abusing Outlook mail rules for remote code execution. Learn about the capabilities of client side rules, the underlying Windows APIs, and how to modify these rule objects to make phishing attacks obsolete. Security Consultant at Silent Break Security.

Nick Landers

Professional Hacker for 2 years. Current work involves writing custom malware and researching unique attack vectors that abuse functionality in windows environments.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats