SMTP
Simple Mail Transfer Protocol
Check if sender could be forged with an domain user:
$ telnet mail.example.com 25
HELO example.com
MAIL FROM: <[email protected]>
RCPT TO: <[email protected]>
RCPT TO: <[email protected]>
Check if sender could be forged with a non-domain user:
$ telnet mail.example.com 25
HELO example.com
MAIL FROM: <[email protected]>
RCPT TO: <[email protected]>
RCPT TO: <[email protected]>
Check if domain users could be enumerated with VRFY
and EXPN
:
$ telnet mail.example.com 25
HELO example.com
VRFY [email protected]
EXPN [email protected]
Check if users could be enumerated with RCPT TO
:
$ telnet mail.example.com 25
HELO example.com
MAIL FROM: <...>
RCPT TO: <[email protected]>
DATA
From: <...>
To: <[email protected]>
Subject: Job offer
Hello, I would like to offer you a great job!
.
QUIT
RCPT
smtp-enum
$ ./main.py -d megacorp.com -s 10.10.13.37 -f accounts.txt -m rcptto -o valid.txt
smtp-user-enum
$ smtp-user-enum -M RCPT -f '<[email protected]>' -u '<[email protected]>' -t mx.megacorp.com
$ smtp-user-enum -M RCPT -D megacorp.com -U users.txt -t mx.megacorp.com
SPF/DKIM/DMARC
Tools
swaks
$ swaks --to [email protected] --from [email protected] --header 'Subject: Hello, friend' --body 'Hack the Planet!' --server 192.168.1.11 --attach hello.doc
Last updated