Merge pull request #7208 from projectdiscovery/pussycat0x-patch-14

SMTP User Enumeration

network/enumeration/smtp/smtp-user-enum.yaml

@@ -0,0 +1,40 @@
+id: smtp-user-enum
+
+info:
+  name: SMTP User Enumeration
+  author: pussycat0x
+  severity: medium
+  description: |
+    enumerate the users on a SMTP server by issuing the VRFY/EXPN commands
+  reference:
+    - https://nmap.org/nsedoc/scripts/smtp-enum-users.html
+  metadata:
+    max-request: 1
+    verified: "true"
+    shodan-query: 'smtp'
+  tags: network,enum,smtp,mail
+
+tcp:
+  - inputs:
+      - data: "VRFY {{useraccounts}}\n"
+        read: 1024
+      - data: "EXPN {{useraccounts}}\n"
+        read: 1024
+
+    host:
+      - "{{Hostname}}"
+      - "{{Host}}:25"
+
+    attack: batteringram
+    payloads:
+      useraccounts:
+        - msfadmin
+        - admin
+        - root
+
+    matchers:
+      - type: word
+        words:
+          - "252"
+          - "250"
+        condition: or