IMAP POP3
ℹ️ Informations¶
- 🌐 Website: HackTheBox
- 📚 Module: Footprinting
- 🔗 Link: IMAP POP3
❓Question¶
Figure out the exact organization name from the IMAP/POP3 service and submit it as the answer.
📋 Walkthrough¶
Let's nmap the target on in scope ports
sudo nmap 10.129.205.130 -sV -p110,143,993,995 -sC
PORT STATE SERVICE VERSION
110/tcp open pop3 Dovecot pop3d
|_pop3-capabilities: SASL CAPA RESP-CODES TOP STLS AUTH-RESP-CODE PIPELINING UIDL
| ssl-cert: Subject: commonName=***.inlanefreight.htb/organizationName=In*********** ***/stateOrProvinceName=London/countryName=UK
| Not valid before: 2021-11-08T23:10:05
|_Not valid after: 2295-08-23T23:10:05
143/tcp open imap Dovecot imapd
| ssl-cert: Subject: commonName=***.inlanefreight.htb/organizationName=In*********** ***/stateOrProvinceName=London/
|_Not valid after: 2295-08-23T23:10:05
...
Answer
In*********** ***
❓Question¶
What is the FQDN that the IMAP and POP3 servers are assigned to?
📋 Walkthrough¶
From the previous output
Answer
***.inlanefreight.htb
❓Question¶
Enumerate the IMAP service and submit the flag as the answer. (Format: HTB{...})
📋 Walkthrough¶
Let's run this command:
Answer
HTB{******************************}
❓Question¶
What is the customized version of the POP3 server?
📋 Walkthrough¶
Let's run this command:
Answer
InFreight POP3 v*.***
❓Question¶
What is the admin email address?
📋 Walkthrough¶
Let's login using robin:robin as provided. I use Evolution tool
Answer
********@inlanefreight.htb>
❓Question¶
Try to access the emails on the IMAP server and submit the flag as the answer. (Format: HTB{...})
📋 Walkthrough¶
From previous answer, we can get the email
Answer
HTB{**************************}