SMTP question

killerxkiller · October 3, 2024, 12:15am

you are a savior
Thank You

Teodora002 · October 3, 2024, 1:45pm

I can’t figure it out. Please give me the answer what the f is the user name :(( I’m gettind annoyed .

b15h09 · October 7, 2024, 4:51am

I don’t believe what you are saying is right. I didn’t have to mess with any timeout settings for the solution. What they probably meant is that it can take a long time to enumerate through the wordlist used due to the nature of the enumeration(using the VRFY command, which if you use it within telnet, takes a few seconds to illicit a response).

b15h09 · October 7, 2024, 5:01am

On the top right of the screen there is a button that says “Resources”. Click on it and there is a download option. It took me a while to figure out, but all I was missing was that wordlist. I tried several other ones for hours with no luck.

If you’re using pwnbox, you can download it onto the VM by using the “wget” command. It will download into your current directory.

You could use smtp-user-enum, but there are other options like smtp-enum in the popular framework(for this you just have to set your USER_FILE to the wordlist provided by HTB).

I would search online for “SMTP Enumeration”, as there are many great guides. If you haven’t used the popular framework yet, I would recommend the course in the Penetration Tester Job Role Path before moving forward.

I hope that helps. I know it can be frustrating from my own experiences, but it’s worth it when you know what to do down the road from all the skills you’ve learned. You got this

ryz3nx · November 22, 2024, 7:57am

Thanks bro, i just figured out for the first time

Jokester · November 24, 2024, 12:03pm

use this bro and pray for me

msfconsole
use auxiliary/scanner/smtp/smtp_enum
set RHOSTS 10.129.108.148
set RPORT 25
set USER_FILE /path/to/user_list.txt
run

Jokester · November 24, 2024, 12:05pm

use this bro and pray for me

msfconsole
use auxiliary/scanner/smtp/smtp_enum
set RHOSTS 10.129.108.148
set RPORT 25
set USER_FILE /path/to/user_list.txt
run

roosterjam1978 · January 26, 2025, 12:21pm

I got stuck on this all night, It took me ages to figure out what I was doing wrong, I was using the VRFY method but had also specified the domain with -D inlanefreight.htb, don’t do this because it will verify any username with this subdomain, like a few others said, look at the query timeout with -w, the default is 5 experiment with what the hint says and you should get it !

a1ba · March 11, 2025, 10:38am

@Filthyone Thank you so much! Your instructions were clear! Done without the popular framework

Topic		Replies	Views
Academy - Footprinting -SMTP	49	10906	December 6, 2024
Footprinting Module - SMTP user enum Academy	9	5051	January 21, 2023
Attacking Common Services - Attacking Email Services (SMTP) Academy	36	8734	December 26, 2024
Attacking Common Services - Easy - smtp-user-enum does not find any users Academy academy	1	264	November 28, 2024
Attacking Common Services - Easy - Finding User Account to Brute Force Academy	6	1723	June 5, 2023

SMTP question

Related topics