Ruler v2.0 - A tool to abuse Exchange services.

Ruler v2.0 – A tool to abuse Exchange services.

Changelog ruler v2.0 12/12/2016:
+ Fix a bug that was causing rpc with –encrypt to fail for some mailboxes. Issue was with padding on the AUTH3 packet
+ Fix conflict
Binaries version changelog
+ New interface
+ Support for both RPC/HTTP and MAPI/HTTP
+ Pass-the-hash support

ruler v2.0

Ruler is a tool that allows you to interact with Exchange servers through the MAPI/HTTP protocol. The main aim is abuse the client-side Outlook mail rules.
Ruler has multiple functions and more are planned. These include
* Enumerate valid users
* View currently configured mail rules
* Create new malicious mail rules
* Delete mail rules
Ruler attempts to be semi-smart when it comes to interacting with Exchange and uses the Autodiscover service (just as your Outlook client would) to discover the relevant information.

+ Brute-force for credentials
+ The autodiscover service
+ PtH – Passing the hash
+ Display existing rules / verify account
+ Delete existing rules (clean up after yourself)
+ Popping a shell
+ Semi-Autopwn
Use, download and build from source:

Download: ruler-linux32  | ruler-linux64  | ruler-osx64