mfade's Introduction

MFade

A Python port of @dafthack's MFASweep with some added OPSEC functionality. MFade can be used to find single-factor authentication failure points in Microsoft services. The port is also cross-platform, thanks to the Python codebase and the removal of the modified and encoded EWS DLL that is included in the original MFASweep PowerShell script.

The tool will attempt to log in to several Microsoft service endpoints with the given credentials and will return a table showing which endpoints are misconfigured to allow single-factor authentication.

Just like MFASweep, this port can currently authenticate to:

  • Microsoft Graph API
  • Azure Service Management API
  • Microsoft 365 Exchange Web Services
  • Microsoft 365 Web Portal w/ 6 device types (Windows, Linux, MacOS, Android Phone, iPhone, Windows Phone)
  • Microsoft 365 Active Sync
  • ADFS
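
On the defender's side, a sweep across the services listed above appears in sign-in logs as one account touching many resource/client combinations within a few minutes. The following is an added example, not part of MFade: it assumes sign-in records with fields modelled on the Microsoft Graph signIn properties (`resourceDisplayName`, `clientAppUsed`, `authenticationRequirement`, error code); the sample events, display names, thresholds and the `find_sweeps` name are constructed for illustration.

```python
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta

SignIn = namedtuple("SignIn", "time user resource client_app requirement error_code")
A, B = "alice@example.test", "bob@example.test"
SF, MF = "singleFactorAuthentication", "multiFactorAuthentication"

# Constructed sample events (not real log data). error_code 0 = success,
# non-zero = sign-in interrupted or failed (e.g. MFA was demanded).
SAMPLE = [
    SignIn("2024-05-01T10:00:05", A, "Microsoft Graph", "Mobile Apps and Desktop clients", SF, 0),
    SignIn("2024-05-01T10:00:47", A, "Windows Azure Service Management API", "Mobile Apps and Desktop clients", MF, 50076),
    SignIn("2024-05-01T10:01:30", A, "Office 365 Exchange Online", "Exchange Web Services", SF, 0),
    SignIn("2024-05-01T10:02:11", A, "Office 365 Exchange Online", "Exchange ActiveSync", SF, 0),
    SignIn("2024-05-01T10:02:55", A, "Office 365", "Browser", MF, 50074),
    SignIn("2024-05-01T09:15:00", B, "Microsoft Graph", "Browser", MF, 0),
    SignIn("2024-05-01T13:40:00", B, "Office 365 Exchange Online", "Browser", MF, 0),
]

def find_sweeps(events, window=timedelta(minutes=15), min_surfaces=4):
    """Map each user who hit >= min_surfaces distinct (resource, client app)
    pairs inside one window to the pairs that accepted single-factor sign-in."""
    by_user = defaultdict(list)
    for e in events:
        by_user[e.user].append((datetime.fromisoformat(e.time), e))
    findings = {}
    for user, rows in by_user.items():
        rows.sort(key=lambda r: r[0])
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward until the burst fits in `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            burst = [e for _, e in rows[start:end + 1]]
            surfaces = {(e.resource, e.client_app) for e in burst}
            if len(surfaces) >= min_surfaces:
                # Successful single-factor sign-ins are the policy gaps to close.
                gaps = {(e.resource, e.client_app) for e in burst
                        if e.error_code == 0 and e.requirement == SF}
                findings.setdefault(user, set()).update(gaps)
    return {u: sorted(s) for u, s in findings.items()}

if __name__ == "__main__":
    for user, gaps in find_sweeps(SAMPLE).items():
        print(user, gaps)
```

Throttled runs spread the same pattern over a longer period, so size `window` generously; a flagged user with an empty list means a sweep-like burst in which no surface accepted single-factor sign-in.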

Usage

$ python3 MFade.py -h
usage: MFade.py [-h] [--username USERNAME] [--password PASSWORD] [--recon] [--adfs] [--sleep SLEEP] [--jitter JITTER] [--ioc] [--exclude EXCLUDE]

A tool to find failure points in Microsoft Multi Factor Authentication configurations from an attacker's perspective but with some extra OPSEC
features.

options:
  -h, --help            show this help message and exit
  --username USERNAME, -u USERNAME
                        target email address (e.g [email protected])
  --password PASSWORD, -p PASSWORD
                        target's password
  --recon, -r           script will attempt to locate ADFS configurations
  --adfs                script will attempt to login to ADFS in addition to the other Microsoft protocols
  --sleep SLEEP, -s SLEEP
                        OPSEC: how long to sleep between authentication attempts (in seconds)
  --jitter JITTER, -j JITTER
                        OPSEC: percentage change added to sleep value for further sleep randomisation (0-100)
  --ioc                 OPSEC: Print a report with the generated HTTP request times and their corresponding target URLs
  --exclude EXCLUDE, -e EXCLUDE
                        OPSEC: Exclude given checks. Provide the checks to exclude as a comma-separated list. Possible values are:
                        gapi,asm,ews,as,mwp-W,mwp-L,mwp-M,mwp-A,mwp-I,mwp-wp. Check the source code for mappings

This program is made for use in authorised environments. Please do not use it for evil.

Examples:

Example: Checking for ADFS

python3 MFade.py -u <email> -p <password> --adfs --recon

Example: Using sleeps and jitter to throttle the authentication attempts

python3 MFade.py -u <email> -p <password> --sleep 40 --jitter 10

Example: Retrieve a mapping of URLs requested and the time and dates of their corresponding HTTP requests for reporting purposes.

python3 MFade.py -u <email> -p <password> --ioc

Example: Exclude some checks such as Graph API and EWS.

python3 MFade.py -u <email> -p <password> --exclude gapi,ews

mfade's People

Contributors

ibaic

mfade's Issues

String matching does not work anymore

Hello, I realized recently that the matching for "Stay signed in" and "Verify your identity" doesn't seem to work anymore and the tool reports "login failed" even though the login is successful.

Do you know how we can fix this?
