Collecting valid e-mail accounts
Valid e-mail accounts are very handy to penetration testers since they can be used for exploiting trust relationships in phishing attacks, brute-force password auditing to mail servers, and as usernames in many IT systems.
This recipe illustrates how to get a list of valid public e-mail accounts by using Nmap.
Getting ready
The script http-google-email
is not included in Nmap's official repository. So you need to download it from http://seclists.org/nmap-dev/2011/q3/att-401/http-google-email.nse and copy it to your local scripts directory. After copying http-google-email.nse
, you should update the script database with:
#nmap --script-updatedb
How to do it...
Open your favorite terminal and type:
$nmap -p80 --script ...
Get Nmap 6: Network Exploration and Security Auditing Cookbook now with the O’Reilly learning platform.
O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.