Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- start [2026/02/18 22:54]
jango
+++ start [2026/02/19 22:31] (aktuell)
jango
@@ Zeile 1: / Zeile 1: @@
+<code>
+param(
+  [string]$Url = "https://mail.deinedomain.tld/owa/",
+  [string]$Username = "DOMAIN\user",
+  [string]$Password = "secret",
+  [switch]$IgnoreCertErrors
+)
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+if ($IgnoreCertErrors) { [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true } }
+function New-BasicAuthValue([string]$User,[string]$Pass){
+  $pair = "{0}:{1}" -f $User,$Pass
+  "Basic " + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($pair))
+}
+$req = [System.Net.HttpWebRequest]::Create($Url)
+$req.Method = "GET"
+$req.AllowAutoRedirect = $false
+$req.Headers.Add("Authorization", (New-BasicAuthValue $Username $Password))
+$req.UserAgent = "OWA-BasicTest/PS5.1"
+try { $resp = $req.GetResponse() }
+catch [System.Net.WebException] { $resp = $_.Exception.Response }
+if ($resp) {
+  "HTTP: {0}" -f ([int]$resp.StatusCode)
+  "Location: {0}" -f $resp.Headers["Location"]
+  "WWW-Authenticate: {0}" -f ($resp.Headers.GetValues("WWW-Authenticate") -join " | ")
+  $resp.Close()
+}
+</code>
+<code>
+param(
+  [string]$Url = "https://mail.deinedomain.tld/owa/",
+  [switch]$IgnoreCertErrors
+)
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+if ($IgnoreCertErrors) { [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true } }
+$req = [System.Net.HttpWebRequest]::Create($Url)
+$req.Method = "GET"
+$req.AllowAutoRedirect = $false
+try {
+  $resp = $req.GetResponse()
+} catch [System.Net.WebException] {
+  $resp = $_.Exception.Response
+}
+if ($resp) {
+  "HTTP: {0}" -f ([int]$resp.StatusCode)
+  "WWW-Authenticate:"
+  $resp.Headers.GetValues("WWW-Authenticate")
+  $resp.Close()
+} else {
+  "No response (TLS/DNS/Network issue)."
+}
+</code>
+<code>
+PS C:\Users\Manuel Zarat> C:\Users\Manuel Zarat\Desktop\eas.ps1
+Target: https://eas.akm.at/Microsoft-Server-ActiveSync
+User:   D2000\\jango.zarat
+Count:  20  Delay: 100ms  Timeout: 10s
+[13:46:23.900] #   1 -> HTTP 401 (1156 ms)
+[13:46:25.197] #   2 -> HTTP 401 (1187 ms)
+[13:46:26.485] #   3 -> HTTP 401 (1181 ms)
+[13:46:27.753] #   4 -> HTTP 401 (1159 ms)
+[13:46:29.014] #   5 -> HTTP 401 (1147 ms)
+[13:46:30.271] #   6 -> HTTP 401 (1151 ms)
+[13:46:31.550] #   7 -> HTTP 401 (1161 ms)
+[13:46:32.821] #   8 -> HTTP 401 (1167 ms)
+[13:46:34.072] #   9 -> HTTP 401 (1141 ms)
+[13:46:35.328] #  10 -> HTTP 401 (1153 ms)
+[13:46:36.606] #  11 -> HTTP 401 (1168 ms)
+[13:46:37.876] #  12 -> HTTP 401 (1175 ms)
+[13:46:39.153] #  13 -> HTTP 401 (1151 ms)
+[13:46:40.395] #  14 -> HTTP 401 (1146 ms)
+[13:46:41.684] #  15 -> HTTP 401 (1188 ms)
+[13:46:42.964] #  16 -> HTTP 401 (1167 ms)
+[13:46:44.219] #  17 -> HTTP 401 (1162 ms)
+[13:46:45.651] #  18 -> HTTP 401 (1306 ms)
+[13:46:46.909] #  19 -> HTTP 401 (1156 ms)
+[13:46:48.180] #  20 -> HTTP 401 (1166 ms)
+PS C:\Users\Manuel Zarat>
+</code>
 Hallo Besucher! Willkommen in diesem kleinen Wiki rund um IT. Vieles ist noch **unvollständig, unstrukturiert oder vielleicht sogar falsch bzw. irreführend**.
@@ Zeile 14: / Zeile 104: @@
 <code powershell>
+<#
+PowerShell 5.1 â€“ EAS Basic-Auth Test (sendet IMMER weiter, auch bei 429)
+Optional:
+- -IgnoreCertErrors (nur Test!)
+- -LogHeaders um X-EAS-FAIL / X-Blocked-By etc. zu sehen, falls du die in HAProxy setzt.
+#>
 param(
   [string]$Url = "https://eas.akm.at/Microsoft-Server-ActiveSync",
-  [string]$Username = "doesnotexist-testuser",
+  [string]$Username = "D2000\\jango.zarat",
-  [string]$Password = "WrongPassword123!",
+  [string]$Password = "Lunikoff0310!",
-  [int]$Count = 50,
+  [int]$Count = 20,
-  [int]$DelayMs = 200
+  [int]$DelayMs = 100,
+  [int]$TimeoutSec = 10,
+  [switch]$IgnoreCertErrors,
+  [switch]$LogHeaders
 )
-# Basic Auth header bauen
+# TLS 1.2 erzwingen
-$pair = "{0}:{1}" -f $Username, $Password
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
-$b64  = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($pair))
+# Optional: Zertifikatsfehler ignorieren (nur Tests)
-$headers = @{
+if ($IgnoreCertErrors) {
-  "Authorization" = "Basic $b64"
+  [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
-  "User-Agent"    = "EAS-Bruteforce-Test/1.0"
-  "Accept"        = "*/*"
 }
-Write-Host "Target: $Url"
+function New-BasicAuthValue {
-Write-Host "User:   $Username"
+  param([string]$User, [string]$Pass)
-Write-Host "Count:  $Count, Delay: ${DelayMs}ms"
+  $pair = "{0}:{1}" -f $User, $Pass
+  $b64  = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($pair))
+  return "Basic $b64"
+}
+$auth = New-BasicAuthValue -User $Username -Pass $Password
+Write-Host ("Target: {0}" -f $Url)
+Write-Host ("User:   {0}" -f $Username)
+Write-Host ("Count:  {0}  Delay: {1}ms  Timeout: {2}s" -f $Count, $DelayMs, $TimeoutSec)
 Write-Host ""
 for ($i=1; $i -le $Count; $i++) {
-  $sw = [System.Diagnostics.Stopwatch]::StartNew()
+  $sw = [Diagnostics.Stopwatch]::StartNew()
+  $code = -1
+  $err  = $null
+  $h = @{}
   try {
-    # -SkipCertificateCheck ist in PS7 verfügbar (falls ihr intern/self-signed nutzt)
+    $req = [System.Net.HttpWebRequest]::Create($Url)
-    $resp = Invoke-WebRequest -Uri $Url -Method Get -Headers $headers -MaximumRedirection 0 -SkipCertificateCheck -ErrorAction Stop
+    $req.Method = "GET"
+    $req.AllowAutoRedirect = $false
+    $req.Timeout = $TimeoutSec * 1000
+    $req.ReadWriteTimeout = $TimeoutSec * 1000
+    $req.UserAgent = "EAS-Test/PS5.1"
+    $req.Headers.Add("Authorization", $auth)
+    $req.Headers.Add("MS-ASProtocolVersion", "14.1")
+    $resp = $req.GetResponse()
     $code = [int]$resp.StatusCode
-  } catch {
+    if ($LogHeaders) {
-    # Bei 401/429 wirft Invoke-WebRequest meist eine Exception -> Code auslesen
+      foreach ($k in $resp.Headers.AllKeys) { $h[$k] = $resp.Headers[$k] }
-    $code = $null
-    if ($_.Exception.Response -and $_.Exception.Response.StatusCode) {
-      $code = [int]$_.Exception.Response.StatusCode
-    } elseif ($_.ErrorDetails -and $_.ErrorDetails.Message -match '"status"\s*:\s*(\d{3})') {
-      $code = [int]$matches[1]
     }
+    $resp.Close()
   }
+  catch [System.Net.WebException] {
+    if ($_.Exception.Response) {
+      $resp = $_.Exception.Response
+      $code = [int]$resp.StatusCode
+      if ($LogHeaders) {
+        foreach ($k in $resp.Headers.AllKeys) { $h[$k] = $resp.Headers[$k] }
+      }
+      $resp.Close()
+    } else {
+      $err = $_.Exception.Message
+    }
+  }
+  catch {
+    $err = $_.Exception.Message
+  }
   $sw.Stop()
   $ts = (Get-Date).ToString("HH:mm:ss.fff")
-  if ($null -eq $code) { $code = -1 }
+  if ($code -eq -1) {
+    Write-Host ("[{0}] #{1,4} -> HTTP -1 ({2} ms) ERROR={3}" -f $ts, $i, $sw.ElapsedMilliseconds, $err)
-  Write-Host ("[{0}] #{1,3} -> HTTP {2} ({3} ms)" -f $ts, $i, $code, $sw.ElapsedMilliseconds)
+  } else {
+    if ($LogHeaders) {
-  if ($code -eq 429) {
+      $xFail = $h["X-EAS-FAIL"]
-    Write-Host "Got 429 -> rate limit seems active. Stopping."
+      $xBlk  = $h["X-Blocked-By"]
-    break
+      $extra = @()
+      if ($xFail) { $extra += ("X-EAS-FAIL={0}" -f $xFail) }
+      if ($xBlk)  { $extra += ("X-Blocked-By={0}" -f $xBlk) }
+      $suffix = ""
+      if ($extra.Count -gt 0) { $suffix = "  " + ($extra -join "  ") }
+      Write-Host ("[{0}] #{1,4} -> HTTP {2} ({3} ms){4}" -f $ts, $i, $code, $sw.ElapsedMilliseconds, $suffix)
+    } else {
+      Write-Host ("[{0}] #{1,4} -> HTTP {2} ({3} ms)" -f $ts, $i, $code, $sw.ElapsedMilliseconds)
+    }
   }
+  # WICHTIG: NICHT abbrechen bei 429 â€“ weiter senden
   Start-Sleep -Milliseconds $DelayMs
 }
 </code>

MBCDN

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Unterschiede

Seiten-Werkzeuge