25, 465 - SMTP
Theory
Simple Mail Transfer Protocol is used to send e‐mails, and it uses TCP port 25. SMTP can be used over SSL using port 465.
Methodology
Check whether the server supports the VRFY command so we can enumerate users.
Check if there is a public exploit for the target server.
Practical
Nmap Basic Enumeration
Nmap Advanced Enumeration
Enumerate Users
Netcat
Use netcat to connect to the server and look for two users:
User gus, which doesn't exist
User root, which exists on the server
Metasploit
REFERENCES
Last updated