Penetration Testing mailing list archives
Re: [PEN-TEST] examining exchange mail
From: Robert van der Meulen <rvdm () CISTRON NL>
Date: Wed, 6 Dec 2000 19:06:50 +0100
Hi, Quoting Andrew Thomas (blink () EYE2EYE NET):
I have domain admin on a network, and I want to know how I would go about viewing mail *stored* on the Exchange Server, if this is possible. What little research I have done, has not turned up much, so if anyone could help, it would be much appreciated.
AFAIK it shouldn't be so hard to either move the mail to a new account, or write some win32 program that uses the NT api's to open the mailbox files/databases. Altering the rights of the target user should be possible too, i guess. I'm a non-m$, unix-person only, so my experience with Exchange is limited. I did work with M$ api's for some time, and found them quite complete. What this has to do with pen-testing, i don't get ;) Also keep in mind that reading any users' email (unless it's your own) can offer a nice legal problem, even in a pen-test scope (not mentioning ethics). Greets, Robert -- | rvdm () cistron nl - Cistron Internet Services - www.cistron.nl | | php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security | | My statements are mine, and not necessarily cistron's. | Never trust a child farther than you can throw it.
Current thread:
- [PEN-TEST] examining exchange mail Andrew Thomas (Dec 07)
- Re: [PEN-TEST] examining exchange mail Ryan Russell (Dec 07)
- Re: [PEN-TEST] examining exchange mail Work, Clinton (Dec 07)
- Re: [PEN-TEST] examining exchange mail Phonix (Dec 10)
- Re: [PEN-TEST] examining exchange mail Deus, Attonbitus (Dec 10)
- Re: [PEN-TEST] examining exchange mail Conor Crowley (Dec 10)
- Re: [PEN-TEST] examining exchange mail Robert van der Meulen (Dec 07)
- Re: [PEN-TEST] examining exchange mail Francois Pepin (Dec 07)
- Re: [PEN-TEST] examining exchange mail Patrick Aland (Dec 07)
- Re: [PEN-TEST] examining exchange mail Laura Nuñez (Dec 07)
- <Possible follow-ups>
- Re: [PEN-TEST] examining exchange mail Jeff Oliver (Dec 07)
- Re: [PEN-TEST] examining exchange mail Marty Richards (Dec 07)
- Re: [PEN-TEST] examining exchange mail Mark Armitage (Dec 07)
- Re: [PEN-TEST] examining exchange mail Andrew Thomas (Dec 10)
- Re: [PEN-TEST] examining exchange mail Charlie Roberts (Dec 10)
- Re: [PEN-TEST] examining exchange mail Ryan Russell (Dec 07)