27 April 2009 | 3,999 views

OAT (OCS Assessment Tool) – Office Communication Server Security Assessment Tool

Check For Vulnerabilities with Acunetix

OAT is an Open Source Security tool designed to check the password strength of Microsoft Office Communication Server users. After a password is compromised, OAT demonstrates potential UC attacks that can be performed by legitimate users if proper security controls are not in place.


  • Online Dictionary Attack
  • Presence Stealing
  • Contact List Stealing
  • Single User Flood Mode (Internal)
  • Domain Flood Mode (Internal)
  • Call Walk (Internal/External)
  • Play Spam Audio
  • Detailed Report Generation

OAT Modes

Internal Network Attack Mode

Internal Network Mode simulates attacks from the internal IP network, where the attacker has unrestricted access to shared resources and reachability to servers. OCS users are provisioned on a Domain Controller (DC) and can query the DC for data. OAT exploits internal network access by querying the DC for all the communication enabled users. It then adds these users to the attack list.

The following attacks can be performed from the internal network

  • Single user IM Flood
  • Domain IM Flood
  • Call Walk

External Network Attack Mode

External Network Attack Mode simulates the real world attack scenario in which an attacker is outside of the corporate IP network. An attacker sourced from outside of the firewall can not directly query the DC unless they know its hostname.

Once the Dictionary attack is successful against target user, OAT functions like a legitimate OCS client, registering itself with Office Communication Server. Once registered, OAT queries for the contact list of target user and uses this information to create a victim target list. This information is useful for the next attack phase.

The following tests can be performed from the external network

  • Contact List Stealing
  • List IM Flood
  • Call Walking

You can download OAT here:


Or read more here.


Recent in Hacking Tools:
- CMSmap – Content Management System Security Scanner
- Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions
- Droopescan – Plugin Based CMS Security Scanner

Related Posts:
- Gooscan – Automated Google Hacking Tool
- Microsoft Baseline Security Analyzer – Free Windows Tool
- RAWR – Rapid Assessment of Web Resources

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,891,663 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,101,810 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 635,180 views

Advertise on Darknet

Comments are closed.