Home Password Attack Spray365 makes spraying Microsoft accounts

Spray365 makes spraying Microsoft accounts

Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray different from the many other password spraying tools that are already available?

Spray enables passwords to be sprayed from an “execution plan”. While having a pre-generated execution plan that describe the spraying operation well before it occurs has many other benefits that Spray leverages, this also allows password sprays to be resumed (-R option) after a network error or other interruption.

While it is easiest to generate a Spray execution plan using Spray365 directly, other tools that produce a compatible JSON structure make it easy to build unique password spraying workflows.

Download and install the Spray365

Spray365 exposes a few options that are useful when spraying credentials. Random user agents can be used to detect and bypass insecure conditional access policies that are configured to limit the types of allowed devices.

Similarly, the –shuffle_auth_order argument is a great way to spray credentials in a less-predictable manner. This option was added in an attempt to bypass intelligent account lockouts (e.g., Azure Smart Lockout). While it’s not perfect, randomizing the order in which credentials are attempted have other benefits too, like making the detection of these spraying operations even more difficult.

Spray365 also supports proxying traffic over HTTP/HTTPS, which integrates well with other tools like Burp Suite for manipulating the source of the spraying operation.

Step 1:

First of all you need to download the “spray365” tool so execute the below command in your terminal

					git clone https://github.com/MarkoH17/Spray365.git
Download the spray tool

Step 2:

Now change it’s directory with “cd” command

					cd Spray365

Step 3:

After completing the above steps execute the following command to install the requirements

Spray365 makes spraying Microsoft accounts

Step 4:

An execution plan is needed to spray credentials, so we need to create one! Spray365 can generate its own execution plan by running it in “generate” (-g) mode.

					$ python3 spray365.py -g <path_for_saved_execution_plan> -d <domain_name> -u <file_containing_usernames> -pf <file_containing_passwords>
Spray365 makes spraying Microsoft accounts

Once an execution plan is available, Spray365 can be used to process it. Running Spray365 in “spray” (-s) mode will process the specified execution plan and spray the appropriate credentials.

					$ python3 spray365.py -s <path_to_execution_plan>


No Comments

Leave A Reply

Please enter your comment!
Please enter your name here