E-mail servers can reveal a lot of information to hackers and penetration testers. For e-mail to function properly, external traffic must pass through your border devices, such as routers and firewalls, to an internal device, typically somewhere inside your protected networks.
As a result, we can usually collect important pieces of data by interacting directly with the e-mail server. One of the first things to do when performing reconnaissance on an e-mail server is to send an e-mail to the company with an empty .bat file or an .exe file such as calc.exe attached. The idea is to send a message to the target e-mail server inside the company in the hope that the server will inspect the message and then reject it.
Once the rejected message is returned to us, we can try to extract data about the targeted e-mail server from it. In many situations, the body of the message will include a note saying that the server does not accept e-mails with potentially dangerous extensions. This note usually indicates the particular vendor and version of the antivirus that was used to scan the e-mail. For an attacker or a pen tester, this is a significant piece of information to obtain.
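One way to audit a rejection notice from your own gateway for this kind of disclosure is sketched below. This is an added example, not code from the original article; the product name "ExampleAV", the hostnames and the sample notice are constructed, and the list of headers checked is an assumption about where scanner banners commonly appear.

```python
import re
from email import message_from_string
from email.policy import default

# Constructed sample rejection notice; "ExampleAV" and all hostnames are made up.
SAMPLE_NDR = """\
From: postmaster@mail.example.com
To: sender@example.org
Subject: Undeliverable: quarterly report
X-Virus-Scanned: ExampleAV 7.2.1 at mx1.example.com
Content-Type: text/plain; charset=utf-8

Your message was rejected because the attachment "calc.exe" has a
blocked extension. Scanned by ExampleAV Mail Gateway version 7.2.1
(signatures 2019-02-10).
"""

# Headers that commonly carry scanner or filter banners (assumed list).
BANNER_HEADERS = ("X-Virus-Scanned", "X-Spam-Checker-Version", "X-Mailer")
# Dotted version with two or three parts; the look-arounds skip
# four-part IPv4 addresses such as 192.0.2.1.
VERSION_RE = re.compile(r"(?<![\d.])\d+(?:\.\d+){1,2}(?!\.?\d)")

def find_disclosures(raw_message):
    """Return (location, version, text) for each version string the notice exposes."""
    msg = message_from_string(raw_message, policy=default)
    findings = []
    for name in BANNER_HEADERS:
        for value in msg.get_all(name, []):
            for m in VERSION_RE.finditer(str(value)):
                findings.append((f"header:{name}", m.group(), str(value).strip()))
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    for line in text.splitlines():
        for m in VERSION_RE.finditer(line):
            findings.append(("body", m.group(), line.strip()))
    return findings

if __name__ == "__main__":
    for location, version, text in find_disclosures(SAMPLE_NDR):
        print(f"{location}: exposes version {version!r} in: {text}")
```

Any finding marks a line to remove from the gateway's rejection template or header configuration, so that the notice states only that the message was refused by policy.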