Skip to content

110 - Pentesting pop

Post Office Protocol (POP) is a type of computer networking and Internet standard protocol that extracts and retrieves email from a remote mail server for access by the host machine

Enumeration

nmap -p110 -sS -sC -sV $(target)
netcat -n -v $(target) 110

POP syntax

telnet 10.10.10.51 110

POP commands:
  USER uid           Log in as "uid"
  PASS password      Substitue "password" for your actual password
  STAT               List number of messages, total mailbox size
  LIST               List messages and sizes
  RETR n             Show message n
  DELE n             Mark message n for deletion
  RSET               Undo any changes
  QUIT               Logout (expunges messages if no RSET)
  TOP msg n          Show first n lines of message number msg
  CAPA               Get capabilities

Nmap

nmap --script "pop3-capabilities" -sV -p110 $(target)
nmap --script "pop3-ntlm-info" -sV -p110 $(target)