IMAP
Nmap discovered IMAP services on the target ports 143 and 993
The running service is Dovecot imapd
Null Session
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/payday]
└─$ telnet $IP 143
Trying 192.168.198.39...
Connected to 192.168.198.39.
Escape character is '^]'.
* OK Dovecot ready.
a1 AUTHENTICATE NTLM
a1 BAD Unsupported authentication mechanism.
a1 LOGIN "" ""
* BAD [ALERT] Plaintext authentication is disabled, but your client sent password in plaintext anyway. If anyone was listening, the password was exposed.
a1 NO Plaintext authentication disallowed on non-secure connections.N/A
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/payday]
└─$ openssl s_client -connect $IP:993 -quiet
Connecting to 192.168.198.39
Can't use SSL_get_servername
depth=0 C=XX, ST=There is no such thing outside US, L=Everywhere, O=OCOSA, OU=Office for Complication of Otherwise Simple Affairs, CN=ubuntu01, emailAddress=root@ubuntu01
verify error:num=18:self-signed certificate
verify return:1
depth=0 C=XX, ST=There is no such thing outside US, L=Everywhere, O=OCOSA, OU=Office for Complication of Otherwise Simple Affairs, CN=ubuntu01, emailAddress=root@ubuntu01
verify error:num=10:certificate has expired
notAfter=May 25 02:02:48 2008 GMT
verify return:1
depth=0 C=XX, ST=There is no such thing outside US, L=Everywhere, O=OCOSA, OU=Office for Complication of Otherwise Simple Affairs, CN=ubuntu01, emailAddress=root@ubuntu01
notAfter=May 25 02:02:48 2008 GMT
verify return:1
* OK Dovecot ready.
a1 AUTHENTICATE NTLM
a1 BAD Unsupported authentication mechanism.
a1 LOGIN root root
a1 NO Authentication failed.
a1 LOGIN "" ""
a1 NO Authentication failed.IMAPs server on the target port 993 accepts CLEARTEXT authentication
However, no valid credential is known at this time