# POP3 (Port 110, 25\*)
## Quick Intro
**Post Office Protocol** (**POP**) is a type of computer networking and Internet standard **protocol** that extracts and retrieves email from a remote mail server for access by the host machine. **POP** is an application layer **protocol** in the OSI model that provides end users the ability to fetch and receive email .
The POP clients generally connect, retrieve all messages, store them on the client system, and delete them from the server. There are 3 versions of POP, but POP3 is the most used one.
## Connection
```
telnet $ip 110
```
## Banner Grabbing
```
nc -nv 110
openssl s_client -connect :995 -crlf -quiet
```
### Manual
You can use the command `CAPA` to obtain the capabilities of the POP3 server.
### Automated
```
nmap --script "pop3-capabilities or pop3-ntlm-info" -sV -port
#All are default scripts
```
> The `pop3-ntlm-info` plugin will return some "**sensitive**" data (Windows versions).
## Command
```
POP commands:
USER uid Log in as "uid"
PASS password Substitue "password" for your actual password
STAT List number of messages, total mailbox size
LIST List messages and sizes
RETR n Show message n
DELE n Mark message n for deletion
RSET Undo any changes
QUIT Logout (expunges messages if no RSET)
TOP msg n Show first n lines of message number msg
CAPA Get capabilities
```
### Example
```
root@kali:~# telnet $ip 110
+OK beta POP3 server (JAMES POP3 Server 2.3.2) ready
USER billydean
+OK
PASS password
+OK Welcome billydean
list
+OK 2 1807
1 786
2 1021
retr 1
+OK Message follows
From: jamesbrown@motown.com
Dear Billy Dean,
Here is your login for remote desktop ... try not to forget it this time!
username: billydean
password: PA$$W0RD!Z
```