SMTP Enumeration

SMTP Enumeration

Simple Mail Transfer Protocol has VRFY request asks the server to verify an email address, while EXPN asks the server for the membership of a mailing list. PORT 25

  • Manual

    • nc -nv <ip> 25

    • VRFY <user> if user not exist in mail server , it give error

  • Automated script

    <aside> 🐍 #!/usr/bin/python

    import socket import sys

    if len(sys.argv) != 3: print(f"Usage: {sys.argv[0]} <ip_address> <username_file>") sys.exit(0)

    #Read the IP address and file name from the command line arguments

    ip_address = sys.argv[1] filename = sys.argv[2]

    #Read usernames from the text file

    try: with open(filename, "r") as f: usernames = f.read().splitlines() except IOError: print(f"Error: Unable to read from file '{filename}'") sys.exit(1)

    #Create a Socket

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    #Connect to the Server

    connect = s.connect((ip_address, 25))

    #Receive the banner

    banner = s.recv(1024)

    print(banner)

    #Loop through each username and VRFY

    for username in usernames: s.send(f'VRFY {username}\r\n') result = s.recv(1024)

     print(result)

    #Close the socket s.close()

    </aside>

  • Send Mail on SMTP

    • telnet <ip> 25

    • Set sender’s email MAIL FROM: sender@adress.ext

    • Set recipient mail RCPT TO: recipient@adress.ext

    • To write the message, type DATA and press ‘Enter’ DATA

    • On the first line type ‘SUBJECT: Your Subject’ and press ‘Enter’ twice SUBJECT: Your Subject

    • Continue typing your message like Hello, this is test message

    • Put a single period (.) on a line by itself and press ‘Enter’ to send your message. .

    • Close the connection QUIT

    Reference: https://www.shellhacks.com/send-email-smtp-server-command-line/

PreviousNFS EnumerationNextSNMP Enumeration

Last updated