Posted by Vishnu Valentino in Tips and Trick | 5 comments
I think everyone already knows how to send an email, especially conventional email, which is why I made this tutorial about how to send email using telnet in Kali Linux.
The way we send email in this tutorial is a little different from sending email using Gmail or Yahoo, because we will send it from a command prompt or terminal.
Do not be confused by the title "How to send email using telnet in Kali Linux": the telnet protocol is the same on all operating systems.
First, we need to know what SMTP is. According to Wikipedia:
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. SMTP was first defined by RFC 821 (1982, eventually declared STD 10),[1] and last updated by RFC 5321 (2008)[2] which includes the Extended SMTP (ESMTP) additions, and is the protocol in widespread use today. SMTP uses TCP port 25.
Before we start:
Make sure we have access to an SMTP server. Usually when you subscribe to an internet connection from an ISP, they will give you access to their SMTP server, or they give you one email address to use (in Indonesia some internet providers usually give you 1 email account when you subscribe, that's my experience 🙂). The good and also the bad thing is that their SMTP (Simple Mail Transfer Protocol) server doesn't need authentication if you are inside the ISP network.
Let's start the tips and trick 🙂
Step by step how to send email using telnet:
Below is the information I will use in this tips and trick:
SMTP server address: mail.vishnuvalentino.lan
SMTP server IP address: 192.168.160.174
SMTP port: 53
If you try this tutorial on Windows 7 and your telnet client is disabled by default, you can enable it by reading the tutorial how to enable telnet on Windows 7.
1. In this tips and trick, we are inside the ISP network. Let me show you the network topology where we do this.
We will do this from client 1, because from this client we can send email anonymously.
2. From the intro we know that SMTP uses port 25. Open the terminal or command prompt and run the telnet command to connect to the mail server.
telnet mail.vishnuvalentino.lan 25
or
telnet 192.168.160.174 25
25 is the SMTP port; most email servers use this port to send email.
3. Yes, we can connect to that mail server (message 220). Now let's greet this mail server.
HELO mail.vishnuvalentino.lan
After we greet the mail server, we need to make sure that the server replies 250 or OK.
4. After getting the reply message 250 from the mail server, we can start defining the email sender and email recipient.
MAIL FROM: hacking-tutorial@vishnuvalentino.lan
If the sender is OK, the server should reply 250.
The next step is to set the recipient.
RCPT TO: [email protected]
The recipient should also return the 250 message or OK.
5. If the email sender and email recipient are OK, we can compose the message. Type DATA and press <enter>.
DATA
Then create the subject of our email.
SUBJECT: Hi v4L, this is hacking-tutorial.com
and continue with the email body content…
To end the message, put a single dot (.) on a line by itself and press <enter>; this means we have finished composing the message and are ready to send it.
6. The picture in step 5 shows an error, because I only use a dummy local SMTP and I'm a little lazy to configure it 🙂
But in this step, if you succeed in sending the email, the server will reply with the message 'Message accepted for delivery'.
7. To quit telnet, just type QUIT
QUIT
Conclusions:
1. This method is usually used by spammers to send mass/bulk email, since there is no authentication.
2. When you use a fake sender email address (one the mail server does not recognize), your email will go to the spam folder.
3. Client 2 (see the topology) cannot send email using this SMTP server, because it is outside the ISP local network, but if client 2 can own the client 1 PC, he can also send the email 🙂
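The conclusions above turn on two things a mail administrator can check in a session log: whether the server accepted a message without authentication, and whether the client was inside the trusted network. As an added example (not code from the original article), this Python function replays a transcript of the dialogue in steps 2 to 6 and reports what the server accepted; the transcript is constructed, and the recipient address, the client IPs and the trusted network range passed to it are assumptions.

```python
import ipaddress

# Constructed transcript of steps 2-6; recipient and reply texts are placeholders.
SESSION = """\
S: 220 mail.vishnuvalentino.lan ESMTP
C: HELO mail.vishnuvalentino.lan
S: 250 mail.vishnuvalentino.lan
C: MAIL FROM: hacking-tutorial@vishnuvalentino.lan
S: 250 OK
C: RCPT TO: someone@example.org
S: 250 OK
C: DATA
S: 354 End data with <CR><LF>.<CR><LF>
C: SUBJECT: Hi v4L, this is hacking-tutorial.com
C: .
S: 250 Message accepted for delivery
"""
CMDS = ("MAIL FROM:", "RCPT TO:", "DATA")

def audit_session(transcript, client_ip, trusted_nets):
    """Replay one SMTP dialogue; return what the server accepted plus findings."""
    seen = {"auth": False, "sender": None, "rcpts": [], "accepted": False}
    pending, in_data = None, False
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C" and in_data:          # message content, not commands
            if text == ".":                  # a lone dot ends the message
                in_data, pending = False, ("EOM", "")
        elif side == "C":
            hit = [k for k in CMDS if text.upper().startswith(k)]
            pending = (hit[0], text[len(hit[0]):].strip()) if hit else None
        elif side == "S":
            code, (key, arg), pending = text[:3], pending or (None, None), None
            if code == "235":                # AUTH succeeded (RFC 4954)
                seen["auth"] = True
            elif code == "250" and key == "MAIL FROM:":
                seen["sender"] = arg
            elif code == "250" and key == "RCPT TO:":
                seen["rcpts"].append(arg)
            elif code == "354" and key == "DATA":
                in_data = True
            elif code == "250" and key == "EOM":
                seen["accepted"] = True
    findings = []
    ip = ipaddress.ip_address(client_ip)
    if seen["accepted"] and not seen["auth"]:
        findings.append("unauthenticated-submission")
        if not any(ip in ipaddress.ip_network(n) for n in trusted_nets):
            findings.append("relay-from-untrusted-network")
    return seen, findings
```

On a real session log, a `relay-from-untrusted-network` finding means the server is relaying for clients in client 2's position and should require AUTH or restrict relaying to its own networks.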
hope you found it useful…
Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com
In this chapter, we will learn about the important password cracking tools used in Kali Linux.
Hydra
Hydra is a login cracker that supports many protocols to attack (Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST, HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP).
To open it, go to Applications → Password Attacks → Online Attacks → hydra.
It will open the terminal console, as shown in the following screenshot.
In this case, we will brute force the FTP service of the Metasploitable machine, which has IP 192.168.1.101.
We have created in Kali a word list with extension ‘lst’ in the path usr/share/wordlist/metasploit.
The command will be as follows −
where -V shows the username and password for each attempt.
As shown in the following screenshot, the username and password are found which are msfadmin:msfadmin
Johnny
Johnny is a GUI for the John the Ripper password cracking tool. Generally, it is used for weak passwords.
To open it, go to Applications → Password Attacks → johnny.
In this case, we will get the password of the Kali machine with the following command, and a file will be created on the desktop.
Click “Open Passwd File” → OK and all the files will be shown as in the following screenshot.
Click “Start Attack”.
After the attack is complete, click the left panel at “Passwords” and the password will be unshaded.
John
john is a command line version of Johnny GUI. To start it, open the Terminal and type “john”.
In case of unshadowing the password, we need to write the following command −
Rainbowcrack
The RainbowCrack software cracks hashes by rainbow table lookup. Rainbow tables are ordinary files stored on the hard disk. Generally, Rainbow tables are bought online or can be compiled with different tools.
To open it, go to Applications → Password Attacks → click “rainbowcrack”.
The command to crack a hash password is −
SQLdict
It is a dictionary attack tool for SQL Server and is very easy and basic to use. To open it, open the terminal and type “sqldict”. It will open the following view.
Under “Target IP Server”, enter the IP of the server holding the SQL. Under “Target Account”, enter the username. Then load the file with the password and click “start” until it finishes.
hash-identifier
It is a tool that is used to identify types of hashes, meaning what they are being used for. For example, if I have a HASH, it can tell me if it is a Linux or windows HASH.
The above screen shows that it can be an MD5 hash and that it seems to be a Domain Cached Credential.