onedrive_user_enum
Installation
git clone https://github.com/nyxgeek/onedrive_user_enum.git
python3 -m pip install -r requirements.txt
Usage
onedrive_enum.py [-h] -d [-t] [-u] [-a] [-U] [-p] [-o] [-T] [-e] [-r] [-x] [-n] [-k] [-v] [-D]
Flags
-h, --help show this help message and exit
-d , --domain target domain name (required)
-t , --tenant tenant name
-u , --username user to target
-a , --append mutator: append a number, character, or string to a username
-U , --userfile file containing usernames (wordlists) -- will also take a directory
-p , --playlist file containing list of paths to user lists (wordlists) to try
-o , --output file to write output to (default: output.log)
-T , --threads total number of threads (defaut: 100)
-e , --environment Azure environment to target [commercial (default), chinese, gov]
-r, --rerun force re-run of previously tested tenant/domain/wordlist combination
-x, --skip-tried dedupe. skip any usernames from previous runs
-n, --no-db disable logging to db
-k , --killafter kill off non-productive jobs after x tries with no success
-v, --verbose enable verbose output
-D, --debug enable debug output
Examples
$ python3 onedrive_enum.py -U users.txt -d offsec.nl
+-----------------------------------------+
| OneDrive Enumerator |
| 2019 @nyxgeek - TrustedSec |
+-----------------------------------------+
Reading users from file: users.txt
Connection to https://offsec-my.sharepoint.com was successful...
Beginning enumeration of https://offsec-my.sharepoint.com/personal/USER_offsec_com/
[-] [404] not found offsec.nl - johndoe
[-] [404] not found offsec.nl - janedoe
[+] [403] VALID ONEDRIVE FOR offsec.nl - crypt0rr
[+] [403] VALID ONEDRIVE FOR offsec.nl - crypt0rr-adm
[+] [403] VALID ONEDRIVE FOR offsec.nl - attacker
URL List