OAT v2.0 - OCS Assessment Tool - released

OCS == Microsoft Office Communications Server

OAT Modes

Internal Network Attack Mode

Internal network is a deployment scenario where OCS users have unfiltered network connectivity to the OCS server and domain controller.

In this typical network scenario, OAT allows to launch attacks like

• Online Dictionary Attack
• Domain User Enumeration
• Presence Stealing
• Contact List Stealing
• Domain IM Flood
• Communicator Call DoS
• Domain Call Walk

External Network Attack Mode

External Network Attack Mode simulates the real world attack scenario in which an attacker is outside of the corporate IP network. An attacker sourced from outside of the firewall can not directly query the DC unless they know its hostname.

Once the Dictionary attack is successful against target user, OAT functions like a legitimate OCS client, registering itself with Office Communication Server. Once registered, OAT queries for the contact list of target user and uses this information to create a victim target list. This information is useful for the next attack phase.

In this typical network scenario, OAT allows to launch attacks like

• Online Dictionary Attack
• Domain User Enumeration
• Presence Stealing
• Contact List Stealing
• Domain IM Flood
• Communicator Call DoS
• Domain Call Walk

The main difference between Internal and External Deployments usage is that OAT can attack all available UC users when used from Internal network while it gets limited to users from contact list when otherwise used from an External network.

The OCS Assessment Tool is subject to the BSD license agreement.

• Getting Started with OAT
• More Information: here