SMTP协议测试

验证是否开启VRFY

root@kali:~# telnet 222.66.*.* 25
Trying 222.66.*.*...
Connected to 222.66.*.*.
Escape character is '^]'.
220 ESMTP IMSA
VRFY ssss
502 5.5.1 VRFY command is disabled

VRFY command is disabled

root@kali:~# telnet 12.14.*.* 25
Trying 12.14.*.*...
Connected to 12.14.*.*.
Escape character is '^]'.
220 xxxx xxxx MAIL Service ready at Mon, 18 Mar 2019 16:59:09 +0800
VRFY ssss
252 2.1.5 Cannot VRFY user

可通过Kali Linux下的smtp-user-enum来进行自动化枚举:

$ smtp-user-enum -M VRFY -U users.txt -t 10.0.0.1
$ smtp-user-enum -M EXPN -u admin1 -t 10.0.0.1
$ smtp-user-enum -M RCPT -U users.txt -T mail-server-ips.txt
$ smtp-user-enum -M EXPN -D example.com -U users.txt -t 10.0.0.1