OAT is an Open Source Security tool designed to check the password strength of Lync and Microsoft Office Communication Server users. After a password is compromised, OAT demonstrates potential UC attacks that can be performed by legitimate users if proper security controls are not in place.
OAT has a user friendly tabbed interface that begins with a password strength test feature. Once the OAT user has successfully elicited the password, attack modules from subsequent tabs can be used for launching UC attacks against valid, registered Lync and OCS users.
OAT v3.0 is now available! The following features are new in version 3.0:
Sipera VIPER Lab (Abhijeet Hatekar) has released and demonstrated OAT v2.0 in International IT Security Conference FRHACK 01 held at Besancon in September 2009!
OAT is the first security assessment tool for Office Communication Server R1/R2
VIPER Lab created OAT because OCS and other Microsoft products are frequently being used as part of a unified communications infrastructure in many enterprises. Our mission is to help IT manager and security practitioners evaluate the security architecture of their deployments and ensure that their mission-critical communications and systems are protected.
Internal network is a deployment scenario where OCS users have unfiltered network connectivity to the OCS server and domain controller.
In this typical network scenario, OAT allows to launch attacks like:
External Network Attack Mode simulates the real world attack scenario in which an attacker is outside of the corporate IP network. An attacker sourced from outside of the firewall can not directly query the DC unless they know its hostname.
Once the Dictionary attack is successful against target user, OAT functions like a legitimate OCS client, registering itself with Office Communication Server. Once registered, OAT queries for the contact list of target user and uses this information to create a victim target list. This information is useful for the next attack phase.
In this typical network scenario, OAT allows to launch attacks like:
The main difference between Internal and External Deployments usage is that OAT can attack all available UC users when used from Internal network while it gets limited to users from contact list when otherwise used from an External network.