SMTP协议测试
2019-03-30 09:00:00 Author: payloads.online(查看原文) 阅读量:146 收藏

SMTP协议测试

验证是否开启VRFY

root@kali:~# telnet 222.66.*.* 25
Trying 222.66.*.*...
Connected to 222.66.*.*.
Escape character is '^]'.
220 ESMTP IMSA
VRFY ssss
502 5.5.1 VRFY command is disabled

VRFY command is disabled

root@kali:~# telnet 12.14.*.* 25
Trying 12.14.*.*...
Connected to 12.14.*.*.
Escape character is '^]'.
220 xxxx xxxx MAIL Service ready at Mon, 18 Mar 2019 16:59:09 +0800
VRFY ssss
252 2.1.5 Cannot VRFY user

可通过Kali Linux下的smtp-user-enum来进行自动化枚举:

$ smtp-user-enum -M VRFY -U users.txt -t 10.0.0.1
$ smtp-user-enum -M EXPN -u admin1 -t 10.0.0.1
$ smtp-user-enum -M RCPT -U users.txt -T mail-server-ips.txt
$ smtp-user-enum -M EXPN -D example.com -U users.txt -t 10.0.0.1

文章来源: https://payloads.online/archivers/2019-03-30/1
如有侵权请联系:admin#unsafe.sh