Brute-forcing POP3 passwords
Mail servers are always an attractive target as they store a lot of information in organizations. Attackers can guess weak passwords and access sensitive corporate data. As penetration testers, we must detect poorly designed password policies to prevent these attacks.
This recipe will show you how to launch dictionary attacks against POP3 servers with Nmap.
How to do it...
To launch a dictionary attack against POP3 with Nmap, enter the following command:
$ nmap -p110 --script pop3-brute <target>
Any valid accounts will be listed in the script output section:
PORT STATE SERVICE 110/tcp open    pop3 | pop3-brute: webmaster : abc123 |_acc1 : password
How it works...
The pop3-brute
script was submitted by Philip Pickering, and it performs brute-force password auditing against POP3 servers. By default, this script uses the /nselib/data/usernames.lst
and /nselib/data/passwords.lst
word lists, but you can change...