TeamsUserEnum: User enumeration with Microsoft Teams API

UserEnumTeams

User enumeration is a security weakness that allows an attacker to determine whether a specific username is valid. The most common form of user enumeration manifests within the authentication or user-management process. If the server returns a different response when the user is valid and when it is not, a malicious actor can use brute force to establish a list of valid users in the system.

Sometimes user enumeration could be sometimes useful during the reconnaissance of an assessment. This tool will determine if an email is registered on teams or not. More details on the immunIT’s blog.

Use

> .\UserEnumTeams userenum –help
Users can be enumerated on Microsoft Teams with the search features.
This tool validates an email address or a list of email addresses.
If these emails exist the presence of the user is retrieved as well as the device used to connect

Usage:
UserEnumTeams userenum [flags]

Flags:
-e, –email string Email address
-f, –file string File containing the email address
-h, –help help for userenum
-t, –token string Bearer token (only the base64 part: eyJ0…)

Global Flags:
-v, –verbose Verbose

Example

.\UserEnumTeams userenum -u emails.txt -t eyJ0eXAiOiJKV1QiLCJub25jZSI6IlpNc3FVTnJDeUJaYTBJZ3RXSmFsNUZWVjRU……vKiXYtCir3GJ9rMPAhPXiXSzSMeOPiSaM7SDoCg

.\UserEnumTeams userenum -u emails.txt -t eyJ0eXAiOiJKV1QiLCJub25jZSI6IlpNc3FVTnJDeUJaYTBJZ3RXSmFsNUZWVjRU……vKiXYtCir3GJ9rMPAhPXiXSzSMeOPiSaM7SDoCg -v

Download

Copyright (C) 2021 nodauf