User Tools

Site Tools


smtp-user-enum

smtp-user-enum Package Description

smtp-user-enum is a tool for enumerating OS-level user accounts on Solaris via the SMTP service (sendmail). Enumeration is performed by inspecting the responses to VRFY, EXPN and RCPT TO commands. It could be adapted to work against other vulnerable SMTP daemons, but this hasn’t been done as of v1.0.

Installation smtp-user-enum is just a stand alone PERL script, so installation is as simple as copying it to your path (e.g. /usr/local/bin). It has only been tested under Linux so far.

It depends on the following PERL modules which you may need to install first:

Socket IO::Handle IO::Select IO::Socket::INET Getopt::Std If you have PERL installed, you should be able to install the modules from CPAN:

# perl -MCPAN -e shell cpan> install Getopt::Std Usage smtp-user-enum simply needs to be passed a list of users and at least one target running an SMTP service.

smtp-user-enum v1.0 ( http://pentestmonkey.net/tools/smtp-user-enum )

Usage: smtp-user-enum.pl [options] (-u username|-U file-of-usernames) (-t host|-T file-of-targets)

options are:

  1. m n Maximum number of processes (default: 5)
  2. M mode Method to use for username guessing EXPN, VRFY or RCPT (default: VRFY)
  3. u user Check if user exists on remote system
  4. f addr From email address to use for “RCPT TO” guessing (default: user@example.com)
  5. D dom Domain to append to supplied user list to make email addresses (Default: none)

Use this option when you want to guess valid email addresses instead of just usernames

               e.g. "-D example.com" would guess foo@example.com, bar@example.com, etc.  Instead of
                    simply the usernames foo and bar.
       -U file  File of usernames to check via smtp service
       -t host  Server host running smtp service
       -T file  File of hostnames running the smtp service
       -p port  TCP port on which smtp service runs (default: 25)
       -d       Debugging output
       -t n     Wait a maximum of n seconds for reply (default: 5)
       -v       Verbose
       -h       This help message

Source: http://pentestmonkey.net/tools/user-enumeration/smtp-user-enum

smtp-user-enum Homepage | BlackWeb sparta Repo

smtp-user-enum.txt · Last modified: 2019/05/01 14:51 by admin

(C) BlackWeb Security 2017 - 2020