SMTP
Pentesting on SMTP
SMTP Protocol
SMTP - 25
- SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving email. SMTP is used most by email clients, including Gmail, Outlook, Apple Mail and Yahoo Mail. SMTP can send and receive email, but email clients typically use a program with SMTP for sending email.
- The default Port number is 25.
1. The Mail server accepts the VRFY and EXPN commands.
Step 1: Go to the Command Prompt. Step 2: Connect to the IP address by entering the following command:
1
telnet <target iP> 25
Step 3: Then, enter the following command:
EXPN root
VRFY root Step 4: The following screenshot shows that the EXPN and VRFY commands are supported by the Mail server and users present on the server can be verified using these commands.
2. SMTP Open Mail Relay
Case 1: Internal to Internal user Step 1: Open the “Swaks” tool and enter the following command in Command Prompt:
Case 2: External to Internal user Open the “Swaks” tool and enter the following command in Command Prompt:
1
Swaks --server <IP> --from [email protected] --to [email protected] --body "You are hacked”.
Note: There is other 2 Possible cases are.
• Internal to External User • External to External User