The gMan nixWiki

Because the mind is made of Teflon...

method_2_recon

Differences

This shows you the differences between two versions of the page.

method_2_recon [2022/12/31 00:26] – [FOCA] gmanmethod_2_recon [2022/12/31 22:10] (current) – [SMTP] gman
Line 253: Line 253:
  
 Example syntax: ''dnsenum --enum google.com'' Example syntax: ''dnsenum --enum google.com''
 +
 +===== SMTP =====
 +
 +**Simple Mail Transfer Protocol (SMTP):** A vintage email sending protocol.
 +  * No much built in security.
 +  * Runs on port 25.
 +
 +You can gather info on SMTP by telnetting to the service port (25) and grabbing the banner information and then using [[https://cr.yp.to/smtp/vrfy.html |VRFY and/or EXPN]] to gather more info. Example sytax:
 +
 +<code>
 +telnet example.server.com 25
 +
 +# once connected, type:
 +VRFY [username]
 +# or
 +EXPN [user_alias]
 +</code>
 +
 +**Exploits:** SMTP exploits are usually associated with a vulnerable version.
 +  * Connect (by telnet). Grab banner info (VRFY, EXPN).
 +  * This should give you a clue as to the SMTP version on your target.
 +===== SNMP =====
 +
 +You can use SNMP to gather information on a system //**if**// you have access to the system //**and**// you know the "read" community string (which is often: ''public'').
 +
 +**Tools:**
 +  - [[https://www.kali.org/tools/snmpenum/ | snmpenum]]
 +  - [[http://www.net-snmp.org/wiki/index.php/Snmpwalk | snmpwalk]]
 +
 +<code>
 +# Example syntax for snmpwalk, assuming 'public' as the community string
 +snmpwalk -c public -v1 192.168.1.1
 +</code>
 +
  
 ---- ----
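Review bot: In the added SMTP "Exploits" list, the bullet "Grab banner info (VRFY, EXPN)" runs two different things together. The version clue that the next bullet refers to comes from the greeting banner the server sends on connect, while VRFY and EXPN only verify user names and expand aliases, so I would split it into one bullet for grabbing the banner and one for trying VRFY/EXPN afterwards. Smaller points in the same hunk: "No much built in security" should read "Not much built-in security", "Example sytax:" should read "Example syntax:", and the new "===== SNMP =====" heading follows the last SMTP bullet with no blank line before it, unlike the SMTP heading. In the SNMP paragraph, "if you have access to the system" should say what kind of access is meant, since the snmpwalk example is simply pointed at an IP address.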
method_2_recon.1672446405.txt.gz · Last modified: by gman