25/TCP, 465/TCP, 587/TCP (SMTP/S)

SMTP, Simple Mail Transfer Protocol. SMTPS, Simple Mail Transfer Protocol Secure.

nc -vn <target> 25

Vulnerabilidades

nmap -p 25,465,587 --script=vuln <target> -oN nmap-vuln-SMTP.txt

Enumeración

Nmap

nmap -p 25 --script smtp-enum-users.nse <target> -oN nmap-enum-users-SMTP.txt

smtp-user-enum

smtp-user-enum -M VRFY -U /usr/share/seclists/Usernames/top-usernames-shortlist.txt -t <target> | tee smtp-user-enum-vrfy-top.txt
smtp-user-enum -M EXPN -U /usr/share/seclists/Usernames/top-usernames-shortlist.txt -t <target> | tee smtp-user-enum-expn-top.txt
smtp-user-enum -M RCPT -U /usr/share/seclists/Usernames/top-usernames-shortlist.txt -t <target> | tee smtp-user-enum-rcpt-top.txt
smtp-user-enum -M VRFY -U /usr/share/seclists/Usernames/xato-net-10-million-usernames.txt -t <target> | tee smtp-user-enum-vrfy.txt

VRFY

nc -vn <target> 25
HELO idontexist
VRFY <user>

EXPN

nc -vn <target> 25
HELO idontexist
EXPN <user>

RCPT TO

nc -vn <target> 25
HELO idontexist
MAIL FROM: user@example.com
RCPT TO: <user>

Última actualización