Brute Forcing smtp with Hydra

THC-Hydra – A very fast network logon cracker which support many different services. See feature sets and services coverage page – incl. a speed comparison against ncrack and medusa.

 

Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks.

SMTP was first defined by RFC 821 (1982, eventually declared STD 10),[1] and last updated by RFC 5321 (2008)[2] which includes the Extended SMTP (ESMTP) additions. SMTP uses TCP port 25. The protocol for new submissions (MSA) is effectively the same as SMTP, but it uses port 587 instead. SMTP connections secured by SSL are known by the shorthand SMTPS, though SMTPS is not a protocol in its own right. While electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages, user-level client mail applications typically use SMTP only for sending messages to a mail server for relaying.

For receiving messages, client applications usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system (such as Microsoft Exchange or Lotus Notes/Domino) to access their mail box accounts on a mail server.

 

hydra -s 25 -v -V -l test@example.com -P /path/to/password/list.lst -t 1 -w 20 -f 192.168.10.5 smtp

-l LOGIN name
-P load several passwords from FILE
-s port
-v verbose mode
-V show login+pass combination for each attempt
-t run TASKS number of connects in parallel
-w waittime for responses (32s) / between connects per thread
-f exit after the first found login/password pair

 

Categories: Brute-force, hydra, SMTP Tags: , , ,
%d bloggers like this: