Skip to main content

SMTP Enumeration (25)

SMTP user enumeration script


if [ "$#" -ne 2 ]; then
echo "Usage: $0 <username> <ip>"
exit 1


# Check if netcat (nc) is installed
if ! command -v nc &> /dev/null; then
echo "netcat (nc) is not installed. Please install it before running this script."
exit 1

# Connect to the SMTP server and send VRFY command
result=$(echo -e "VRFY $username\r\n" | nc -n -w 5 $ip 25)

# Print the result
echo "$result"

SEND email using netcat

nc -C 25
HELO <attackers domain> # ex.
MAIL FROM:<attacker email> #
RCPT TO:<victims email>
From: <attacker email>
To: <victim email>
Subject: <subject>
Date: Fri , 20 Jan 2023 10:00:00 +0000

<Email body>


Sendind a phising email

sudo swaks -t <TARGET EMAIL> --from <SENDER EMAIL> \
--attach @<ATTACHED FILE> --server <SMTP ADDRESS> --body @<BODY.txt FILE> \
--header "<HEADER>" --suppress-data -ap

#ex. sudo swaks -t -t
#--from --attach @payrolls.xls --server
#--body @body.txt --header "Subject: Monthly Payrolls" --suppress-data -ap