Microsoft Exchange Client Access Server Information Disclosure
Connect to the open HTTPS port of your Exchange server using OpenSSL and the command below.
Once the connection is made, you will be prompted to input a command.
Paste or type the following (this makes a GET request to autodiscover.xml using the command below).
You need to press Enter twice after typing the GET request before the server will respond.
The response discloses the server's local IP address in the header WWW-Authenticate: Basic realm=.
The rule matches any WWW-Authenticate header whose value includes an IP address and replaces that address with the domain name.
This can then be added to the Virtual Service: Virtual Services > View/Modify Services > Advanced Properties > HTTP Header Modifications > Response Rules.
The internal address is now hidden in all responses and replaced with www.domain.com.
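The check and the header rewrite described above, as an added example that is not part of the original page or the LoadMaster product: `fetch_autodiscover_headers` sends the raw GET over TLS the way the OpenSSL session does (the path `/autodiscover/autodiscover.xml` and the omitted Host header are assumptions), `leaked_internal_ips` reports any IP address in a WWW-Authenticate header, and `rewrite_www_authenticate` applies the same replacement the response rule performs. The sample response is constructed, not captured from a real server.

```python
import re
import socket
import ssl

# Matches a dotted-quad IPv4 address inside a header value.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def fetch_autodiscover_headers(host, port=443, send_host_header=False):
    """Send a raw GET for autodiscover.xml over TLS (assumed path) and return the
    raw response header block. Verification is disabled because this check is
    run against a server you administer, usually by its IP address."""
    lines = ["GET /autodiscover/autodiscover.xml HTTP/1.1"]
    if send_host_header:
        lines.append(f"Host: {host}")
    request = ("\r\n".join(lines) + "\r\n\r\n").encode()  # blank line = Enter twice
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=10) as raw, \
            ctx.wrap_socket(raw, server_hostname=host) as tls:
        tls.sendall(request)
        data = b""
        while b"\r\n\r\n" not in data:
            chunk = tls.recv(4096)
            if not chunk:
                break
            data += chunk
    return data.split(b"\r\n\r\n", 1)[0].decode("latin-1")

def leaked_internal_ips(header_block):
    """Return every IPv4 address found in WWW-Authenticate headers."""
    found = []
    for line in header_block.split("\r\n"):
        name, _, value = line.partition(":")
        if name.strip().lower() == "www-authenticate":
            found.extend(IPV4_RE.findall(value))
    return found

def rewrite_www_authenticate(header_block, public_name):
    """Replace any IP address in a WWW-Authenticate header with the public
    host name, as the load balancer response rule does; other headers untouched."""
    out = []
    for line in header_block.split("\r\n"):
        name, _, value = line.partition(":")
        if name.strip().lower() == "www-authenticate":
            line = name + ":" + IPV4_RE.sub(public_name, value)
        out.append(line)
    return "\r\n".join(out)

# Constructed sample of a leaking 401 response (not a real capture).
SAMPLE_RESPONSE = ("HTTP/1.1 401 Unauthorized\r\nServer: Microsoft-IIS/8.5\r\n"
                   'WWW-Authenticate: Basic realm="192.168.10.25"\r\n'
                   "WWW-Authenticate: Negotiate\r\nContent-Length: 0")
```

Running `leaked_internal_ips(SAMPLE_RESPONSE)` on the constructed sample reports the leaked address, and the rewritten block contains no IP address while the other headers are unchanged.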
Another approach is to configure the IIS server to deny requests made without the Host header set. This is achieved with the URL Rewrite module for IIS.
Download the URL Rewrite module onto your Exchange server and install it.