I figured that i should educate y'all... knowledge is power
afterall...
and some other shit like that... anyway...
POP3 - What the fu*k?
=====================
POP3 = Post Office Protocol - Version 3
POP3 is a Mail Service that operates on TCP port 110. It is the
most
popular mail service used today, yet it's painfully basic.
Basically, a server (e.g. mail.domain.com) runs a daemon that
listens on
port 110. POP3 server software: for Winblows = "MDaemon",
and *nix/*nux
= "gnu-pop3d"... (by GNU funnily enough)
Yes, there are some evil-ass exploits out there, naturally most
of which
effect winblows servers...
Ok, Now what?
=============
Ok, so you wanna talk to a POP3 server?
Before you get excited, some basics... The POP3 server will only
respond
in 2 ways, a reply beginning with "-ERR" normally means
an error... if
yo7ur lucky it'll tell you what you screwed up... otherwise you'll
get a
"+OK"
Ok, open your fav. telnet software... you should have at least
one POP3
account you can try this on... if not, get one... :) ( http://mail.yahoo
.com/?msg=I+am+lamer+scum )
For my example i'll use: mail.xxxxxxxx.com (fake) :)
Connect to mail.xxxxxxxx.com (or, your server), port 110...
You should get something like:
+OK QPOP (version 3.0.2) at linux474 starting.
This is good... Now type "user <username>" [ENTER]
[CTRL + J], (use your
own username/password for this)
You should get something like:
+OK Password required for <username>.
Now type: "pass <password>" [ENTER] [CTRL + J]
If you get:
+OK xxxxxxxx has 13 visible messages (0 hidden) in 162805 octets.
Your in... If you get:
-ERR Bad Login
You got username or password wrong...
Anyway... below is a (doctored) copy of a common login, mail
retrieval
and deletion cycle...
Lines starting with S: are from the server, lines starting with C:
are
entered by client (you)
========================================================================
S: +OK QPOP (version 3.0.2) at linux474 starting.
C: user xxxxxxxx
S: +OK Password required for xxxxxxxx.
C: pass xxxxxxxx
S: +OK xxxxxxxx has 13 visible messages (0 hidden) in 162805
octets.
C: stat
S: +OK 13 162805
C: list
S: +OK 13 visible messages (162805 octets)
S: 1 3317
S: 2 37933
S: 3 2612
S: 4 7439
S: 5 3455
S: 6 3420
S: 7 39812
S: 8 3388
S: 9 15190
S: 10 3181
S: 11 3824
S: 12 36770
S: 13 2464
S: .
C: top 1 0
S: +OK Message follows
S: Received: from hl.xxxxxxxx.com (hl.xxxxxxxx.com [0.0.0.0])
S: by linux474.xxxxxxxx.com (8.9.3/8.9.1) with SMTP id WAA09763
S: for <root@xxxxxxxx.com>; Tue, 6 Jun 2000 22:08:00 -0400
S: X-eGroups-Return: sentto-439090-1688-960342841-root=xxxxxxxx.com@retu
rns.xxxxxxxx.com
S: Received: from [0.0.0.0] by hl.xxxxxxxx.com with NNFMP; 07 Jun
2000
01:54:03 -0000
S: Received: (qmail 10864 invoked from network); 7 Jun 2000 01:51:35
-
0000
S: Received: from unknown (0.0.0.0) by m7.xxxxxxxx.org with QMQP;
7 Jun
2000 01:51:35 -0000
S: Received: from unknown (HELO zuper.xxxxxxxx.com) (0.0.0.0) by
mta3
with SMTP; 7 Jun 2000 01:51:34 -0000
S: Received: from pavilion (modem47.xxxxxxxx.com [0.0.0.0]) by
zuper.xxxxxxxx.com (8.8.7/8.8.7) with SMTP id UAA14994 for
<madhackers@xxxxxxxx.com>; Tue, 6 Jun 2000 20:54:19 -0500
S: Message-ID: <006901bfd033$78164c60$2f5a4ad1@xxxxxxxx>
S: To: <madhackers@xxxxxxxx.com>
S: References: <003301bfcf7a$0aec95e0$3117c6cd@xxxxxxxx>
<006401bfcfd5$6
f105bf0$5600000a@xxxxxxxx> <TaLMMAAcvSP5EwnN@xxxxxxxx.net>
S: X-Priority: 3
S: X-MSMail-Priority: Normal
S: X-Mailer: Microsoft Outlook Express 5.00.2615.200
S: X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200
S: From: "xxxxxxxx" <eschbach@xxxxxxxx.com>
S: MIME-Version: 1.0
S: Mailing-List: list madhackers@xxxxxxxx.com; contact madhackers-
owner@xxxxxxxx.com
S: Delivered-To: mailing list madhackers@xxxxxxxx.com
S: Precedence: bulk
S: List-Unsubscribe: <mailto:madhackers-unsubscribe@xxxxxxxx.com>
S: Date: Tue, 6 Jun 2000 20:50:05 -0700
S: Reply-To: madhackers@xxxxxxxx.com
S: Subject: I also want proggies Re: [madhackers] I NEED HELP
S: Content-Type: text/plain; charset=US-ASCII
S: Content-Transfer-Encoding: 7bit
S: X-UIDL: Z*D!!!)g!!&-="!kP%"!
S: Status: RO
S:
S: .
C: retr 1
S: +OK 3317 octets
S: Received: from hl.xxxxxxxx.com (hl.xxxxxxxx.com [0.0.0.0])
S: by linux474.xxxxxxxx.com (8.9.3/8.9.1) with SMTP id WAA09763
S: for <root@xxxxxxxx.com>; Tue, 6 Jun 2000 22:08:00 -0400
S: X-eGroups-Return: sentto-439090-1688-960342841-root=xxxxxxxx.com@retu
rns.xxxxxxxx.com
S: Received: from [0.0.0.0] by hl.xxxxxxxx.com with NNFMP; 07 Jun
2000
01:54:03 -0000
S: Received: (qmail 10864 invoked from network); 7 Jun 2000 01:51:35
-
0000
S: Received: from unknown (0.0.0.0) by m7.xxxxxxxx.org with QMQP;
7 Jun
2000 01:51:35 -0000
S: Received: from unknown (HELO zuper.xxxxxxxx.com) (0.0.0.0) by
mta3
with SMTP; 7 Jun 2000 01:51:34 -0000
S: Received: from pavilion (modem47.xxxxxxxx.com [0.0.0.0]) by
zuper.xxxxxxxx.com (8.8.7/8.8.7) with SMTP id UAA14994 for
<madhackers@xxxxxxxx.com>; Tue, 6 Jun 2000 20:54:19 -0500
S: Message-ID: <006901bfd033$78164c60$2f5a4ad1@xxxxxxxx>
S: To: <madhackers@xxxxxxxx.com>
S: References: <003301bfcf7a$0aec95e0$3117c6cd@xxxxxxxx>
<006401bfcfd5$6
f105bf0$5600000a@xxxxxxxx> <TaLMMAAcvSP5EwnN@xxxxxxxx.net>
S: X-Priority: 3
S: X-MSMail-Priority: Normal
S: X-Mailer: Microsoft Outlook Express 5.00.2615.200
S: X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200
S: From: "xxxxxxxx" <eschbach@xxxxxxxx.com>
S: MIME-Version: 1.0
S: Mailing-List: list madhackers@xxxxxxxx.com; contact madhackers-
owner@xxxxxxxx.com
S: Delivered-To: mailing list madhackers@xxxxxxxx.com
S: Precedence: bulk
S: List-Unsubscribe: <mailto:madhackers-unsubscribe@xxxxxxxx.com>
S: Date: Tue, 6 Jun 2000 20:50:05 -0700
S: Reply-To: madhackers@xxxxxxxx.com
S: Subject: I also want proggies Re: [madhackers] I NEED HELP
S: Content-Type: text/plain; charset=US-ASCII
S: Content-Transfer-Encoding: 7bit
S: X-UIDL: Z*D!!!)g!!&-="!kP%"!
S: Status: RO
S:
S: But menus on side frames look really nice. If you dont like
frames
S: me some tips on how to make my site look better other than
flash. I
S: would like to enlist the help of all of you on proggies to
start
S: webpage to look better. I am sure I can find them somewheres.
S:
S: ----- Original Message -----
S: From: Mike <root@xxxxxxxx.com>
S: To: <madhackers@xxxxxxxx.com>
S: Sent: Tuesday, June 06, 2000 9:50 AM
S: Subject: Re: [madhackers] I NEED HELP
S:
S: > I'm afraid I disagree... I think frames suck, it means
frames
S: > and non-frames version of sites and i can't be bothered.
Using Lynx
S: > quite a lot i find that tables can be more effective.
S: > --
S: > Mike
S: >
S: >
-------------------------------------------------------------------
S: > Take your development to new heights. Work with clients
like Dell
S: > pcOrder. Submit your resume to jobs@xxxxxxxx.com. Visit
us at
S: > http://click.xxxxxxxx.com/1/4358/7/_/809740/_/960310392/
S: >
-------------------------------------------------------------------
S: >
S: > To unsubscribe from this group, send an email to:
S: > madhackers-unsubscribe@xxxxxxxx.com
S: >
S:
S:
---------------------------------------------------------------------
S: Take your development to new heights. Work with clients like
Dell and
S: pcOrder. Submit your resume to jobs@liaison.com. Visit us at
S: http://click.xxxxxxxx.com/1/4358/7/_/809740/_/960342841/
S:
--------------------------------------------------------------------
S:
S: To unsubscribe from this group, send an email to:
S: madhackers-unsubscribe@xxxxxxxx.com
S:
S: .
C: dele 1
S: +OK Message 1 marked for deletion.
C: quit
S: +OK Pop server at linux474 signing off.
========================================================================
Ok... so overview on commands...
================================
STAT - Return "+OK n s" where n is the number of
messages and s is the
total size of the messages.
LIST - Show message number and size
TOP n l - Where n is the message number and l is the number of
lines you
want from the top of the message. This will return the header
section of
the message and l number of lines from the message.
RETR n - Return entire message n
DELE n - Delete message n from mail...
Cool, what next?
================
You can read the full POP3 spec in RFC1939 (http://www.faqs.org/rfcs/rfc
1939.html)
If there's enough interest, i'll run a sequel that'll show you
how to
build a program to transact with a pop3 server...
It's incredibly easy to build a brute force pop3 cracker...
*off to bed, working in a few hours*
Later!
--
Mike