SMTP Enumeration
SMTP Enumeration
Download This Page
SMTP (Simple Mail Transfer Protocol) is a set of communication guidelines that allow web applications to perform communication tasks over the internet, including emails. It is a part of the TCP/IP protocol and works on moving emails across the network. SMTP enumeration allows us to identify valid users on the SMTP server. This is done with the built-in SMTP commands using them. VRFY – This command is used to authenticate the user. EXPN – This command displays the actual mailing address for aliases and mailing lists. RCPT TO – It identifies the recipient of the message. SMTP enumeration is a technique used to enumerate the SMTP service that is running on the target server.
Pre-Defined Commands:
- VRFY: It is used to validate the user on the server.
- EXPN: It is used to find the delivery address of mail aliases
- RCPT TO: It points to the recipient’s address.
Test for SMTP Enumeration:
SMTP enumeration can be performed by using different tools and scripts like telnet, Nmap,and smtp-user-enum.
1. Using Telnet for SMTP enumeration:
Telnet comes in handy in SMTP enumeration as it provides a communication channel with the host.
$ telnet <domain name/ip> <port no.>
Example:
later you can use EXPN, MAIL FROM, and RCPT TO after connecting to the target host.
2. Using Nmap for SMTP enumeration:
Nmap is a powerful tool and is used in different enumeration phases. Nmap provides special scripts for SMTP enumeration. smtp-enum-users is one of the scripts that is provided by Nmap.
$sudo nmap -p 25 --script = smtp-enum-users <target Domain/IP>
Example:
SMTP enumeration using Nmap
3. Using Metasploit for SMTP Enumeration:
Metasploit provides two SMTP auxiliary Modules i.e., smtp_enum and smtp_version. Both are used for SMTP enumeration and provide adequate information about the SMTP server.
smtp_enum:
msf > use auxiliary/scanner/smtp/smtp_enum msf auxiliary(smtp_enum) set RHOSTS <IP address/target> msf auxiliary(smtp_enum) > set rport 25 msf auxiliary(smtp_enum) set USER_FILE <address of file> msf auxiliary(smtp_enum) run
Example:
smtp_version:
msf > use auxiliary/scanner/smtp/smtp_version msf auxiliary(smtp_version) > set RHOSTS <IP address of target> msf auxiliary(smtp_version) > set threads 250 msf auxiliary(smtp_version) > run
Example:
Download This Page
more
Durex India customers may have leaked online
Durex India, a well-known brand for condoms and personal lubricants, has accidentally exposed sensitive information of its customers through its official website. TechCrunch was the first one to report about this breach, which has raised serious concerns about privacy and security, especially considering the intimate nature of the products involved.
Durex India customers may have leaked online
Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics
Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web
India ranks number 10 in cybercrime
Facebook Ads Lead to Fake Websites Stealing Credit Card Information
cyber scam of ₹1.3 crore in Bengaluru to 77-year old woman
