E-mail servers can give a lot of data for hackers and penetration testers. For e-mail to function properly, external traffic must move through your border devices like routers and firewalls, to an internal device, typically somewhere inside your protected networks.
As a result of this, we can usually collect important pieces of data by interacting directly with the e-mail server. One of the first things to do when trying to recon an e-mail server is to send an e-mail to the company with an empty .bat file or an any.exe file like calc.exe. In this example, the idea is to send a message to the target e-mail server inside the company in the hope of having the e-mail server inspect, and then reject the message.
Once the refused message is returned back to us, we can try to extract data from the targeted e-mail server. In many situations, the body of the message will include some info saying that the server does not accept e-mails with probably dangerous extensions. This message usually indicates the particular vendor and version of antivirus that was used to scan the e-mail. As an attacker or a pen tester, this is a big piece of information to obtain.
Latest posts by Unallocated Author (see all)
- PrepAway – An Interactive Environment for Vmware Certification Exams Preparation - September 12, 2019
- Is it Important to Communicate with Other Hackers Across the Globe? - September 11, 2019
- How to Protect your Online Data in 2019 - September 11, 2019