.

Hydra Help SMTP & POP3 Authen

<<

Blaze

Newbie
Newbie

Posts: 9

Joined: Fri Apr 02, 2010 1:08 am

Post Sat Apr 03, 2010 4:51 am

Hydra Help SMTP & POP3 Authen

I just started using Hydra. Got a successful authentication over a pop3 service.
Trying the same username and password over the smtp service using hydra's "smtp-auth" module.
My understanding was hydra can try dictionary attack over an smtp service which uses NTLM hashing, my enumerationg results over the listening smtp confirms that it uses NTLM authen type.

Yet using Hydra gives me the following results:

command:  hydra -l username -p password(text) -o output.txt -v -V xxx.xxx.xxx.xxx

Output    Error: SMTP AUTH LOGIN error: 504 5.7.4 unrecognized authentication type
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sat Apr 03, 2010 8:48 am

Re: Hydra Help SMTP & POP3 Authen

Are you sure SMTP is requiring authentication? I don't see that too often; it's usually just restricted by IP address. What happens if you connect to that service via Netcat?
The day you stop learning is the day you start becoming obsolete.
<<

Blaze

Newbie
Newbie

Posts: 9

Joined: Fri Apr 02, 2010 1:08 am

Post Sat Apr 03, 2010 9:08 am

Re: Hydra Help SMTP & POP3 Authen

netcat prints out an error when i use EHLO with a mail domain.
Although when i telnet with the same:

c:\> telnet mail.domain.com 25

220 exch01.mail.domain.com Microsoft ESMTP MAIL Service ready at Sat, 3 Apr 2
010 19:05:06 +0500

EHLO mail2.domain.com

250-exch01.mail.domain.com Hello [xxx.xxx.xxx.xxx]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250 XRDST

looking at the output it does seem to be accepting authentication requests.

Also strictly for my knowledge, when you asked me if i was sure whether smtp requires authentication. How would a user be able to send mail if that was not the case?

tx
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Sat Apr 03, 2010 9:31 am

Re: Hydra Help SMTP & POP3 Authen

It also lists an Anonymous protocol option there.  Try taking it further and sending an email through telnet without authentication.  Some SMTP servers will require authentication, some will not.  Some will just filter your ability to relay based on IP restrictions.  Most servers will allow you to relay anonymously to the domains they are responsible for.
~~~~~~~~~~~~~~
Ketchup
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Tue Apr 06, 2010 3:43 am

Re: Hydra Help SMTP & POP3 Authen

Ketchup wrote:It also lists an Anonymous protocol option there.   Try taking it further and sending an email through telnet without authentication.   Some SMTP servers will require authentication, some will not.   Some will just filter your ability to relay based on IP restrictions.   Most servers will allow you to relay anonymously to the domains they are responsible for.


this should get you a step further. Would you be so kind to post the results?
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software