Ports IMAP: 143 / 993
Ports POP3: 110 / 995
| Setting | Description |
|---|---|
auth_debug |
Enables all authentication debug logging. |
auth_debug_passwords |
This setting adjusts log verbosity, the submitted passwords, and the scheme gets logged. |
auth_verbose |
Logs unsuccessful authentication attempts and their reasons. |
auth_verbose_passwords |
Passwords used for authentication are logged and can also be truncated. |
auth_anonymous_username |
This specifies the username to be used when logging in with the ANONYMOUS SASL mechanism. |
nmap 10.129.14.128 -sV -p110,143,993,995 -sC
Imap:
openssl s_client -connect $HOST:imaps
curl -k 'imaps://$HOST' --user cry0l1t3:1234 -v
Pop3:
openssl s_client -connect $HOST:pop3s
WriteUp:
Figure out the exact organization name from the IMAP/POP3 service and submit it as the answer.
Found using certs (openssl…)
What is the FQDN that the IMAP and POP3 servers are assigned to?
Found using certs (openssl…)
Enumerate the IMAP service and submit the flag as the answer. (Format: HTB{...})
Found in SSL connection establishment messages.