inurl:Dialin/Conference.aspx

• SHDB
• 1719 阅读

• 日期：2016-08-05
• 类别：
  • Pages Containing Login Portals
• 作者：anonymous
• 语法：inurl:Dialin/Conference.aspx

• # Exploit Title: Google dork to discover Lync Server 2013

  # Google Dork: inurl:Dialin/Conference.aspx

  # Date: 2016-08-03

  # Exploit Author: @nyxgeek

  # Vendor Homepage: microsoft.com

  This search reveals Lync Server 2013 dialin login pages. A user

  enumeration

  timing attack can be performed against these pages. Long response time

  indicates that the username is invalid. Short response time indicates

  that

  you have a valid username.