IMAP/POP3 (110,143,993,995)

Footprinting using NMAP

sudo nmap 10.129.14.128 -sV -p110,143,993,995 -sC

Connecting to the server

curl -k 'imaps://10.129.14.128' --user user:p4ssw0rd

Connecting to the server with SSL/TLS

POP3S

openssl s_client -connect 10.129.14.128:pop3s

IMAPS

openssl s_client -connect 10.129.14.128:imaps

IMAP commands

Logging in

a login rednorth password123

List Folders

a LIST "" "*"

Select Inbox

a select INBOX

View status (message count)

a status INBOX (messages)

Read a message

a uid fetch 1 body.peek[]

Notes:

Port 110 - POP3 Port 143 - IMAP Port 995 - POP3S Port 993 - IMAPS

Feature

POP3

IMAP

Access

Downloads emails from server to local device

Accesses emails directly on server

Offline access

Limited, as emails are downloaded to local device

Full access, as emails remain on server

Synchronization

No synchronization, emails are deleted from server once downloaded

Synchronization possible, emails can be accessed and managed across multiple devices

Folder support

No support for folders or labels

Supports folders and labels for organization

Searchability

Limited, as search is limited to local device

Enhanced search capabilities on the server

Email management

Limited to simple actions like listing, retrieving, and deleting

Advanced management options, such as marking emails as read/unread, moving/copying to folders, etc.

Security

Uses SSL/TLS for secure communication

Uses SSL/TLS for secure communication

IMAP Commands

Command

Description

1 LOGIN username password

User's login.

1 LIST "" *

Lists all directories.

1 CREATE "INBOX"

Creates a mailbox with a specified name.

1 DELETE "INBOX"

Deletes a mailbox.

1 RENAME "ToRead" "Important"

Renames a mailbox.

1 LSUB "" *

Returns a subset of names from the set of names that the User has declared as being activeor subscribed.

1 SELECT INBOX

Selects a mailbox so that messages in the mailbox can be accessed.

1 UNSELECT INBOX

Exits the selected mailbox.

1 FETCH <ID> all

Retrieves data associated with a message in the mailbox.

1 CLOSE

Removes all messages with the Deletedflag set.

1 LOGOUT

Closes the connection with the IMAP server.

POP3 Commands

Command

Description

USER username

Identifies the user.

PASS password

Authentication of the user using its password.

STAT

Requests the number of saved emails from the server.

LIST

Requests from the server the number and size of all emails.

RETR id

Requests the server to deliver the requested email by ID.

DELE id

Requests the server to delete the requested email by ID.

CAPA

Requests the server to display the server capabilities.

RSET

Requests the server to reset the transmitted information.

QUIT

Closes the connection with the POP3 server.

Misconfiguration

User Enumeration

USER john

PreviousSMTP (25,465,587)NextInteracting with Email

Last updated