Attacking Common Services - Attacking Email Services (SMTP)

Hello, I tried to solve the first question but haven’t succeeded. Tried most of the commands but it didn’t work. The one that i think that is close enough is:

smtp-user-enum -M VRFY -U username.txt -D inlanefreight.htb -t [IP] -w 180

Please help me, thank you

SMTP is a transfer protocol whereas POP3 and IMAP are message retrieval protocols. Think about the purpose of each and which one could be used to view email messages.

Thanks Jlug. got there in the end :slight_smile:

1 Like

Check “Footprinting IMAP/POP3” module. It will help a lot. And of course, you have to retrieve a mail for the flag so think about the correct protocol.

any hint stuck in finding password

Hint from @pnebot is the one. Use the wordlist from the resources. If you still dont get, increase the timeout(atleast more than 40)

i got the username m**** and password p****** but when i try to login i get authentication error can someone help me

ps: login on pop3 instead of smtp (learnt this the hard way after wasting 2 hours GG)

So I found that after about 30 minutes, for whatever reason, the email services on the target stop. So ports 25, 110, 143, and 587 are no longer available after some time. If you’re having issues brute forcing the target, terminate the target box and launch it again. Brute force immediately and you should come up with finding the password.

The user name is marlin@inlanefreight.htb instead of marlin.
hydra -l marlin@inlanefreight.htb -P HTB/pws.list pop3://10.129.203.12 -t 10

I’m stuck… I have a creds and access to smtp and imap, but can’t find flag… Any ideas?


i’ve tried serval times , but result is 0, did my command wrong?

Hey there,
i have a issues with the smtp-user-enum Tool. I’m not sure where i should place the port.
But the commands here and the --help show it should work.
Thanks for the help!

the port option must be -u so u can try -u 25

1 Like