<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Pop3-Sniffing on Ethical Hacking | Pentest e Sicurezza Informatica | Hackita</title><link>https://hackita.it/tags/pop3-sniffing/</link><description>Recent content in Pop3-Sniffing on Ethical Hacking | Pentest e Sicurezza Informatica | Hackita</description><generator>Hugo</generator><language>it</language><lastBuildDate>Sat, 11 Apr 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://hackita.it/tags/pop3-sniffing/index.xml" rel="self" type="application/rss+xml"/><item><title>Porta 110 POP3: Brute Force, Credential Sniffing e Accesso Mailbox</title><link>https://hackita.it/articoli/porta-110-pop3/</link><pubDate>Sat, 11 Apr 2026 00:00:00 +0000</pubDate><guid>https://hackita.it/articoli/porta-110-pop3/</guid><description>&lt;p&gt;La porta 110 espone &lt;strong&gt;POP3&lt;/strong&gt; (Post Office Protocol version 3) — il protocollo standard per download email da mail server a client locale. POP3 opera su TCP porta 110 permettendo ai client email (Outlook, Thunderbird, mobile apps) di recuperare messaggi dal server e salvarli localmente, tipicamente eliminandoli dal server dopo il download. In penetration testing, la porta 110 è &lt;strong&gt;vettore critico per credential harvesting&lt;/strong&gt;: POP3 trasmette username/password in plaintext (no cifratura), permettendo packet sniffing, brute force senza account lockout tipico, e credential stuffing da breach database. Ogni mail server esposto su porta 110 invece di 995 (POP3S cifrato) è &lt;strong&gt;instant win per attacker&lt;/strong&gt; — credenziali email leakate aprono phishing interno, lateral movement via contact list, e data exfiltration da mailbox.&lt;/p&gt;</description></item></channel></rss>