Collecting valid e-mail accounts
Valid e-mail accounts are very handy to penetration testers since they can be used for exploiting trust relationships in phishing attacks, brute-force password auditing to mail servers, and as usernames in many IT systems.
This recipe illustrates how to get a list of valid public e-mail accounts by using Nmap.
Getting ready
The script http-google-email is not included in Nmap's official repository. So you need to download it from http://seclists.org/nmap-dev/2011/q3/att-401/http-google-email.nse and copy it to your local scripts directory. After copying http-google-email.nse, you should update the script database with:
#nmap --script-updatedb
How to do it...
Open your favorite terminal and type:
$nmap -p80 --script ...Get Nmap 6: Network Exploration and Security Auditing Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
