GPEN Question #311: Real Exam Question with Answer & Explanation

The correct answer is D. allinurl:"exchange/logon.asp".

Question

You want to search for the Microsoft Outlook Web Access default portal using Google search on the Internet so that you can perform a brute force attack and get unauthorized access. Which search string will you use to accomplish the task?

Options

  • A. intitle:"Index Of" -inurl:maillog maillog size
  • B. intext:"outlook.asp"
  • C. intitle:index.of inbox dbx
  • D. allinurl:"exchange/logon.asp"

Explanation

The Google dork 'allinurl:"exchange/logon.asp"' targets the default Microsoft Exchange Outlook Web Access login page URL, making it the correct search string for locating OWA portals.

Common mistakes.

  • A. The string 'intitle:"Index Of" -inurl:maillog maillog size' is used to find exposed mail log files on web servers, not Outlook Web Access login portals.
  • B. The string 'intext:"outlook.asp"' searches for page body text containing 'outlook.asp' and is too broad and imprecise to reliably target Exchange OWA login pages.
  • C. The string 'intitle:index.of inbox dbx' is used to find exposed Outlook Express mailbox (.dbx) files in open directory listings, not OWA login portals.

Concept tested. Google dorking to locate Outlook Web Access portals

Reference. https://learn.microsoft.com/en-us/exchange/clients/outlook-on-the-web/outlook-on-the-web
