
Friday 11 October 2019

OSCP - Enumeration SMTP

SMTP - Simple Mail Transfer Protocol - Port 25

Possible SMTP commands

HELO - 
EHLO - Extended SMTP.
STARTTLS - SMTP is communicated over an unencrypted protocol. Starting a TLS session encrypts the traffic.
RCPT - Address of the recipient.
DATA - Starts the transfer of the message contents.
RSET - Used to abort the current email transaction.
MAIL - Specifies the email address of the sender.
QUIT - Closes the connection.
HELP - Asks for the help screen.
AUTH - Used to authenticate the client to the server.
VRFY - Asks the server to verify if the email user's mailbox exists.

Enumeration:

1) nc <ip> 25

    VRFY <username>

2) nmap


nmap --script=smtp-commands,smtp-enum-users,smtp-vuln-cve2010-4344,smtp-vuln-cve2011-1720,smtp-vuln-cve2011-1764 -p 25 10.0.0.1


3) telnet <ip> 25

4) smtp-user-enum


smtp-user-enum -M VRFY -U /root/sectools/SecLists/Usernames/Names/names.txt -t <victim_ip>

5) iSMTP


ismtp -h <victim_ip>:25 -e /root/Downloads/email.txt

6) Metasploit


use auxiliary/scanner/smtp/smtp_enum 
msf auxiliary(smtp_enum) > set rhosts <victim_ip>
msf auxiliary(smtp_enum) > set rport 25 
msf auxiliary(smtp_enum) > set USER_FILE /root/Desktop/user.txt 
msf auxiliary(smtp_enum) > exploit
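
On the mail server side, the enumeration methods above all look the same: one client asking about many different mailbox names in a short time. The following is an added example, not part of the original post, that flags this pattern; the log format, the sample lines, the threshold and the window are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample input in a hypothetical, simplified SMTP command log format:
#   <ISO timestamp> client=<ip> cmd=<SMTP verb> arg=<argument>
NAMES = ["root", "admin", "test", "backup", "www", "mail", "ftp"]
SAMPLE_LOG = "\n".join(
    # One client walking a username list with VRFY, one name per second.
    [f"2019-10-11T10:00:{i:02d} client=10.0.0.5 cmd=VRFY arg={n}"
     for i, n in enumerate(NAMES)]
    # A normal sender: MAIL plus two recipients, minutes apart.
    + ["2019-10-11T10:00:03 client=10.0.0.9 cmd=MAIL arg=carol@example.com",
       "2019-10-11T10:00:04 client=10.0.0.9 cmd=RCPT arg=alice@example.com",
       "2019-10-11T10:05:10 client=10.0.0.9 cmd=RCPT arg=bob@example.com"]
)

LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) cmd=(?P<cmd>\w+) arg=(?P<arg>\S*)$")
# Commands whose replies reveal whether a mailbox exists.
PROBE_CMDS = {"VRFY", "EXPN", "RCPT"}


def find_enumerators(log_text, max_names=5, window=timedelta(seconds=60)):
    """Return {client: n} for clients that probed more than max_names
    distinct mailbox names within any sliding window; n is the peak count."""
    recent = defaultdict(deque)  # client -> (timestamp, name) inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["cmd"].upper() not in PROBE_CMDS:
            continue
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["client"]]
        q.append((ts, m["arg"].lower()))
        while ts - q[0][0] > window:  # drop probes older than the window
            q.popleft()
        distinct = len({name for _, name in q})
        if distinct > max_names:
            flagged[m["client"]] = max(flagged.get(m["client"], 0), distinct)
    return flagged


if __name__ == "__main__":
    for client, count in find_enumerators(SAMPLE_LOG).items():
        print(f"{client}: {count} distinct mailbox names probed within 60s")
```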

Exploitation:

Common Exploits:

https://www.exploit-db.com/exploits/34896
https://www.exploit-db.com/exploits/41672
https://www.exploit-db.com/exploits/23113



