Penetration Testing mailing list archives

Re: [PEN-TEST] examining exchange mail


From: Phonix <phonix () MOOCOW ORG>
Date: Thu, 7 Dec 2000 09:24:43 -0500

I've only been able to get to people's Inbox this way, but I'm probably
just doing something stupid that prevents me from getting to their other
folders.

The actual mail is all stored in one monolithic file on the Exchange
server, in some sort of DB format.

Not necessarily true.  Users can, of course, create personal folders to
store messages in, and those are stored on the local drive.  Connecting to
the Exchange server, even as admin, won't get you any closer to those
messages.  A smart Exchange/Outlook user will set up a rule that
immediately moves all their mail out of the default folder and into a
local folder, to prevent cases of admin snooping just like this.

.phonix.

