SMTP

SMTP (Simple Mail Transfer Protocol). It is utilized to handle the sending of E-Mails. In order to support E-Mail Services, a Protocol pair is used, SMTP - POP/IMAP. Together they allow the user to Send Outgoing Mail and retrieve incoming Mail.

:: SMTP
25/TCP

SMTP Functions:
- Verifies who is sending E-Mails through the SMTP Server
- Sends the outgoing Mail
- If the outgoing Mail can't be delivered it sends the Message back to the Sender

:: Banner Grabbing
nc -vn <IP> <PORT>

Automated Enumeration

smtp-user-enum -M <mode> -U <wordlist> -t <IP>

:: Metasploit
auxiliary/scanner/smtp/smtp_enum

:: NMAP
nmap --script smtp-enum-users <IP>

Manual Enumeration

:: Telnet Connection
telnet <IP> <PORT>

:: RCPT TO
HELO name
MAIL FROM:mail@mail.com
:::: Based on the Response we can Determine the Username
RCPT TO:<username>

:: VRFY
HELO
HELO name
:::: Based on the Response we can Determine the Username
VRFY <username>

:: EXPN
HELO
HELO name
:::: Based on the Response we can Determine the Username
EXPN <username>

Brute-Force

hydra -l <Username> -P <WordList> smtp://<IP>

Banner Grabbing​

Automated Enumeration​

Manual Enumeration​

Brute-Force​

Banner Grabbing

Automated Enumeration

Manual Enumeration

Brute-Force