VSploit Email PII - Metasploit

This page contains detailed information about how to use the auxiliary/vsploit/pii/email_pii metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.

Module Overview

---

Name: VSploit Email PII
Module: auxiliary/vsploit/pii/email_pii
Source code: modules/auxiliary/vsploit/pii/email_pii.rb
Disclosure date: -
Last modification time: 2020-05-30 10:27:48 +0000
Supported architecture(s): -
Supported platform(s): -
Target service / protocol: smtp, smtps
Target network port(s): 25, 465, 587, 2525, 25000, 25025
List of CVEs: -

This auxiliary reads from a file and sends data which should be flagged via an internal or external SMTP server.

Module Ranking and Traits

---

Module Ranking:

• normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.

Basic Usage

---

msf > use auxiliary/vsploit/pii/email_pii
msf auxiliary(email_pii) > show targets
    ... a list of targets ...
msf auxiliary(email_pii) > set TARGET target-id
msf auxiliary(email_pii) > show options
    ... show and set options ...
msf auxiliary(email_pii) > exploit

Required Options

---

• RHOSTS: The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'

• MAILTO: The TO address of the email

• SUBJECT: Subject line of the email

Go back to menu.

Msfconsole Usage

---

Here is how the vsploit/pii/email_pii auxiliary module looks in the msfconsole:

msf6 > use auxiliary/vsploit/pii/email_pii

msf6 auxiliary(vsploit/pii/email_pii) > show info

       Name: VSploit Email PII
     Module: auxiliary/vsploit/pii/email_pii
    License: Metasploit Framework License (BSD)
       Rank: Normal

Provided by:
  willis

Check supported:
  No

Basic options:
  Name          Current Setting        Required  Description
  ----          ---------------        --------  -----------
  DATE                                 no        Override the DATE: field with this value
  DOMAIN                               no        SMTP Domain to EHLO to
  EMAIL_DOMAIN  localhost.localdomain  no        Email Domain
  ENTRIES       1000                   no        PII Entry Count
  MAILFROM      [email protected]     yes       The FROM address of the e-mail
  MAILTO                               yes       The TO address of the email
  PASSWORD                             no        SMTP Password for sending email
  RHOST         127.0.0.1              yes       SMTP server address
  RHOSTS        127.0.0.1              yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
  RPORT         25                     yes       SMTP server port (TCP)
  SUBJECT                              yes       Subject line of the email
  USERNAME                             no        SMTP Username for sending email
  VERBOSE                              no        Display verbose information

Description:
  This auxiliary reads from a file and sends data which should be 
  flagged via an internal or external SMTP server.

Module Options

---

This is a complete list of options available in the vsploit/pii/email_pii auxiliary module:

msf6 auxiliary(vsploit/pii/email_pii) > show options

Module options (auxiliary/vsploit/pii/email_pii):

   Name          Current Setting        Required  Description
   ----          ---------------        --------  -----------
   DATE                                 no        Override the DATE: field with this value
   DOMAIN                               no        SMTP Domain to EHLO to
   EMAIL_DOMAIN  localhost.localdomain  no        Email Domain
   ENTRIES       1000                   no        PII Entry Count
   MAILFROM      [email protected]     yes       The FROM address of the e-mail
   MAILTO                               yes       The TO address of the email
   PASSWORD                             no        SMTP Password for sending email
   RHOST         127.0.0.1              yes       SMTP server address
   RHOSTS        127.0.0.1              yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
   RPORT         25                     yes       SMTP server port (TCP)
   SUBJECT                              yes       Subject line of the email
   USERNAME                             no        SMTP Username for sending email
   VERBOSE                              no        Display verbose information

Advanced Options

---

Here is a complete list of advanced options supported by the vsploit/pii/email_pii auxiliary module:

msf6 auxiliary(vsploit/pii/email_pii) > show advanced

Module advanced options (auxiliary/vsploit/pii/email_pii):

   Name            Current Setting  Required  Description
   ----            ---------------  --------  -----------
   CHOST                            no        The local client address
   CPORT                            no        The local client port
   ConnectTimeout  10               yes       Maximum number of seconds to establish a TCP connection
   Proxies                          no        A proxy chain of format type:host:port[,type:host:port][...]
   SSL             false            no        Negotiate SSL/TLS for outgoing connections
   SSLCipher                        no        String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH"
   SSLVerifyMode   PEER             no        SSL verification method (Accepted: CLIENT_ONCE, FAIL_IF_NO_PEER_CERT, NONE, PEER)
   SSLVersion      Auto             yes       Specify the version of SSL/TLS to be used (Auto, TLS and SSL23 are auto-negotiate) (Accepted: Auto, TLS, SSL23, SSL3, TLS1, TLS1.1, TLS1.2)
   WORKSPACE                        no        Specify the workspace for this module

Auxiliary Actions

---

This is a list of all auxiliary actions that the vsploit/pii/email_pii module can do:

msf6 auxiliary(vsploit/pii/email_pii) > show actions

Auxiliary actions:

   Name  Description
   ----  -----------

Evasion Options

---

Here is the full list of possible evasion options supported by the vsploit/pii/email_pii auxiliary module in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):

msf6 auxiliary(vsploit/pii/email_pii) > show evasion

Module evasion options:

   Name                Current Setting  Required  Description
   ----                ---------------  --------  -----------
   TCP::max_send_size  0                no        Maxiumum tcp segment size.  (0 = disable)
   TCP::send_delay     0                no        Delays inserted before every send.  (0 = disable)

Go back to menu.

Related Pull Requests

---

• #13540 Merged Pull Request: Change OptString of RPORT to OptPort
• #8338 Merged Pull Request: Fix msf/core and self.class msftidy warnings
• #6655 Merged Pull Request: use MetasploitModule as a class name
• #6648 Merged Pull Request: Change metasploit class names
• #2525 Merged Pull Request: Change module boilerplate
• #1228 Merged Pull Request: MSFTIDY cleanup #1 - auxiliary

Go back to menu.

See Also

---

Check also the following modules related to this module:

• auxiliary/vsploit/malware/dns/dns_mariposa
• auxiliary/vsploit/malware/dns/dns_query
• auxiliary/vsploit/malware/dns/dns_zeus
• auxiliary/vsploit/pii/web_pii
• exploit/apple_ios/email/mobilemail_libtiff
• exploit/osx/email/mailapp_image_exec
• exploit/windows/email/ms07_017_ani_loadimage_chunksize
• exploit/windows/email/ms10_045_outlook_ref_only
• exploit/windows/email/ms10_045_outlook_ref_resolve
• auxiliary/client/smtp/emailer
• auxiliary/gather/search_email_collector
• auxiliary/scanner/http/wp_email_sub_news_sqli
• exploit/linux/http/grandstream_ucm62xx_sendemail_rce
• exploit/unix/local/emacs_movemail
• exploit/windows/fileformat/adobe_collectemailinfo
• post/windows/gather/credentials/windowslivemail

Authors

---

• willis

Version

---

This page has been produced using Metasploit Framework version 6.1.28-dev. For more modules, visit the Metasploit Module Library.

Go back to menu.