Postfix Recon: Basics

Lab Environment

In this lab environment, you will be provided with GUI access to a Kali machine. The target machine will be accessible at demo.ine.local.

Objective: Answer the following questions:

What is the SMTP server name and banner.
Connect to SMTP service using netcat and retrieve the hostname of the server (domain name).
Does user “admin” exist on the server machine? Connect to SMTP service using netcat and check manually.
Does user “commander” exist on the server machine? Connect to SMTP service using netcat and check manually.
What commands can be used to check the supported commands/capabilities? Connect to SMTP service using telnet and check.
How many of the common usernames present in the dictionary /usr/share/commix/src/txt/usernames.txt exist on the server. Use smtp-user-enum tool for this task.
How many common usernames present in the dictionary /usr/share/metasploit-framework/data/wordlists/unix_users.txt exist on the server. Use suitable metasploit module for this task.
Connect to SMTP service using telnet and send a fake mail to root user.
Send a fake mail to root user using sendemail command.

Tools

Nmap
telnet
nc
Metasploit Framework

Writeup

nmap -sV -p 25 demo.ine.local

nc demo.ine.local 25

EHLO example.com

VRFY admin

VRFY commander

smtp-user-enum -M VRFY -U /usr/share/commix/src/txt/usernames.txt -t demo.ine.local

msfconsole
use auxiliary/scanner/smtp/smtp_enum
set RHOSTS demo.ine.local
set USER_FILE /usr/share/metasploit-framework/data/wordlists/unix_users.txt
run

PreviousSSH Login NextAssessment Methodologies: Vulnerability Assessment

Last updated 11 days ago