The Post Office Protocol (POP) is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. POP version 3 (POP3) is the most commonly used version. Together with IMAP, it is one of the most common protocols for email retrieval.
Netcat
Banner grabbing
nc -nv x.x.x.x 110
USER username
PASS password
Read emails
TIP: Install Thunderbird client (sudo apt install thunderbird).
nc x.x.x.x 110
USER username
PASS password
LIST
RETR 1
RETR 2
...
QUIT
Nmap scripts
ls -la /usr/share/nmap/scripts/pop3*
IP=x.x.x.x
WL=/usr/share/wordlists/rockyou.txt
USERS=/usr/share/seclists/Usernames/top-usernames-shortlist.txt
nmap --script pop3-brute -p 110 $IP --script-args userdb=${USERS},passdb=$WL
read_emails_pop3.py
#!/usr/bin/python3
# https://docs.python.org/3/library/poplib.html
from getpass import getpass
import poplib
def pop3_login(server, username, password):
pop3 = poplib.POP3(server, port=110, timeout=10)
#pop3 = poplib.POP3_SSL(server, port=995, timeout=10)
#pop3.set_debuglevel(2)
welcome_msg = pop3.getwelcome().decode('utf-8')
print(welcome_msg)
try:
print("INFO: Login on " + server + " with user " + username)
pop3.user(username)
pop3.pass_(password)
# Read emails
numMessages = len(pop3.list()[1])
for i in range(numMessages):
for j in pop3.retr(i+1)[1]:
print(j)
pop3.quit()
except Exception as e:
print("ERROR: Login failed.")
print(e)
# Read emails
server='x.x.x.x'
pop3_login(server, 'user1', 'password1')
pop3_login(server, 'user2', 'password2')