SMTP (25,587)

The Simple Mail Transfer Protocol (SMTP) is used to send emails on ports 25 and 587. The former is used used mainly for server-to-server email delivery and is often blocked by ISPs to prevent spam. The latter is used by users to send emails through their mail provider and it requires authentication (username & password); it is the modern, secure way to submit outgoing mail.

# Connect to SMTP server
telnet mail.example.com 25
openssl s_client -connect <ip>:587

# Greet the server
HELO attacker.com
# or
EHLO attacker.com          # Extended SMTP (for authentication & more)

# Specify the sender email
MAIL FROM:<sender@example.com>

# Specify the recipient email
RCPT TO:<recipient@example.com>

# Start composing the email message
DATA

# Write email headers and body (end with a single dot '.' on a line)
Subject: Test Email

This is the email body.
.

# Authenticate using base64 encoded username and password (if needed)
AUTH LOGIN
<base64-username>
<base64-password>

# Close the session
QUIT

Communication

swaks --to x1337@hacking.com --from x7331@hacking.com --header "Subject: Hello" --body @body.txt --attach @config.Lib-ms --server 192.168.1.1 --port 25 --auth LOGIN --auth-user x7331@hacking.com --auth-password 'Pass123!'

PreviousMail NextPOP3 (110,995)

Last updated 1 month ago

Was this helpful?