Testing for users using SMTP VRFY
Now that we have a list of usernames and we know that SMTP is open, we need to see if VRFY
is enabled. This is extremely simple, all you do is telnet into port 25 and execute the command VRFY
followed by a word and hit enter. The great part about checking for usernames this way is that if VRFY
is enabled, something is wrong with the secure deployment practices, and if it is Internet facing, they are likely not monitoring it. Reduce the number of credential attack guesses in an online credential attack against an interface will reduce the chances of being caught. The simple commands to execute this are shown in the following figure:
We did not get a hit for smith, but perhaps others will confirm during this attack. ...
Get Learning Penetration Testing with Python now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.