SMTP is a mail protocol. An exposed SMTP service can be used to enumerate users and to send phishing mails to the users that exist.

User Enumeration


nc $ip 25
<banner> # check for vulnerability with banner
HELO # start the connection
EHLO all
VRFY root # verify root user
mail from: [email protected] # attacker mail
rcpt to: [email protected] # verify user with recipient


smtp-user-enum -M RCPT -U /usr/share/seclists/Usernames/top-usernames-shortlist.txt -t $ip
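
Detecting this from the mail server side, as an added example that is not part of the original notes: VRFY and RCPT probing leaves a run of "user unknown" rejections from one client, so counting distinct rejected recipients per client IP separates enumeration from an ordinary typo. The log lines are constructed, the Postfix-style format is an assumption, and `find_enumerators` and its threshold are hypothetical names and values.

```python
import re
from collections import defaultdict

# Constructed sample in Postfix smtpd log style (the exact format is an assumption).
SAMPLE_LOG = """\
Jan 10 10:00:00 mx postfix/smtpd[811]: connect from unknown[203.0.113.7]
Jan 10 10:00:01 mx postfix/smtpd[811]: NOQUEUE: reject: VRFY from unknown[203.0.113.7]: 550 5.1.1 <admin>: Recipient address rejected: User unknown in local recipient table; proto=ESMTP helo=<all>
Jan 10 10:00:02 mx postfix/smtpd[811]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 550 5.1.1 <test@example.test>: Recipient address rejected: User unknown in local recipient table; proto=ESMTP helo=<all>
Jan 10 10:00:02 mx postfix/smtpd[811]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 550 5.1.1 <guest@example.test>: Recipient address rejected: User unknown in local recipient table; proto=ESMTP helo=<all>
Jan 10 10:00:03 mx postfix/smtpd[811]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 550 5.1.1 <info@example.test>: Recipient address rejected: User unknown in local recipient table; proto=ESMTP helo=<all>
Jan 10 10:05:00 mx postfix/smtpd[902]: NOQUEUE: reject: RCPT from mail.example.net[198.51.100.20]: 550 5.1.1 <jon@example.test>: Recipient address rejected: User unknown in local recipient table; proto=ESMTP helo=<mail.example.net>
Jan 10 10:06:00 mx postfix/smtpd[902]: NOQUEUE: reject: RCPT from mail.example.net[198.51.100.20]: 550 5.1.1 <jon@example.test>: Recipient address rejected: User unknown in local recipient table; proto=ESMTP helo=<mail.example.net>
"""

# A 550 5.1.1 answer to RCPT or VRFY is the signal user enumeration relies on.
REJECT = re.compile(
    r"reject: (?P<cmd>RCPT|VRFY) from \S*\[(?P<ip>[^\]]+)\]: "
    r"550 5\.1\.1 <(?P<rcpt>[^>]*)>"
)


def find_enumerators(log_text, threshold=3):
    """Return {client_ip: sorted probed names} for clients that were told
    'user unknown' for at least `threshold` distinct recipients."""
    probed = defaultdict(set)
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if m:
            # A set, so a sender retrying one mistyped address counts once.
            probed[m["ip"]].add(m["rcpt"].lower())
    return {ip: sorted(names) for ip, names in probed.items()
            if len(names) >= threshold}


if __name__ == "__main__":
    for ip, names in find_enumerators(SAMPLE_LOG).items():
        print(f"{ip}: {len(names)} unknown recipients probed: {', '.join(names)}")
```

On Postfix, `disable_vrfy_command = yes` turns off the VRFY path; RCPT probing still has to be caught by rate limiting or by log checks like this one.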

Phishing Mails

  • Send automated phishing links to a bunch of users
  • PREREQUISITE: Users' emails
# listen on the port
nc -lvnp 1234
# send mail to all the users with swaks
swaks --to $(cat files/mailuers.txt | tr '\n' ',' | less) --from [email protected] --header "Subject: test" --body "please click here" --server $ip