• 日期:2016-08-05
  • 类别:
  • 作者:anonymous
  • 语法:inurl:Dialin/Conference.aspx
  • # Exploit Title: Google dork to discover Lync Server 2013

    # Google Dork: inurl:Dialin/Conference.aspx

    # Date: 2016-08-03

    # Exploit Author: @nyxgeek

    # Vendor Homepage:

    This search reveals Lync Server 2013 dialin login pages. A user


    timing attack can be performed against these pages. Long response time

    indicates that the username is invalid. Short response time indicates


    you have a valid username.