Penetration Testing mailing list archives
Re: Discovering users by RCPT TO
From: Marco Ivaldi <raptor () 0xdeadbeef info>
Date: Sat, 22 Jan 2005 11:46:03 +0100 (CET)
Interesting. It wouldn't be hard to make a Perl script (or other) that logs into the SMTP server, then runs through a list of predefined users to test and see if they have an account. I would call it information disclosure for sure.
Hey pen-testers, I've just released brutus.pl v0.9.2 that implements such an attack and fixes some minor reliability bugs. Brutus.pl is a simple Perl script for remote login/password bruteforce cracking. The supported protocols are: telnet, ftp, and pop3. It's also possible to get a list of valid users though smtp vrfy/expn, smtp rcpt (new), and cisco login information leak. This tool is very basic and has no multi-thread support (for real-life penetration testing you'd better take a look at thc's hydra), but it's pretty realiable and easily customizable anyway. It can be downloaded at the following url: http://www.0xdeadbeef.info/code/brutus.pl Cheers, -- Marco Ivaldi Antifork Research, Inc. http://0xdeadbeef.info/ 3B05 C9C5 A2DE C3D7 4233 0394 EF85 2008 DBFD B707
Current thread:
- Re: Discovering users by RCPT TO, (continued)
- Re: Discovering users by RCPT TO Kiril Todorov (Jan 13)
- Re: Discovering users by RCPT TO Chris Buechler (Jan 13)
- Re: Discovering users by RCPT TO Jay D. Dyson (Jan 14)
- Re: Discovering users by RCPT TO Vince Hoang (Jan 14)
- Re: Discovering users by RCPT TO dmz (Jan 14)
- Re: Discovering users by RCPT TO Matan Peled (Jan 15)
- Re: Discovering users by RCPT TO Faisal Khan (Jan 15)
- Re: Discovering users by RCPT TO Chris Buechler (Jan 13)
- Re: Discovering users by RCPT TO Kiril Todorov (Jan 13)
- Re: Discovering users by RCPT TO Baltasar Cevc (Jan 17)
- Re: Discovering users by RCPT TO Tobias Glemser (Jan 20)