25 ~ SMTP

Log poisoning

Given that we have found a way to access log file (eg. LFI) directories such as:

/var/log/mail
/var/log/syslog

There are some commands that may allow us to have our input directly appear in the logs:

1. RCPT TO

RCPT TO:<payload>

2. VRFY

VRFY <payload>
Previous22 ~ SSHNext53 ~ DNS

Last updated