Re: updated SMTPcommands script

["DePriest, Jason R." <jrdepriest () gmail com>]

On 10/13/07, Kris Katterjohn <> wrote:
> On 10/12/07, DePriest, Jason R. <> wrote:
> > I made some minor changes to SMTPcommands.nse (attached).
> >
> > In addition to querying the mail server with EHLO, it now also queries
> > with HELP because the two commands give similar but different results.
>
> Cool :)
>
> I have a question, and I hope it doesn't come across as demeaning:
>
> -- ASCII for "HELP\n"
>  -- for some reason it wouldn't reply unless I did it like this
> local query = "\072\069\076\080\013\010"
>
> Did you send "HELP\n" or "HELP\r\n" when you tested this (and it didn't
> reply).  It looks like you have \r\n in what you send, but you're saying
> it's for \n .. or you just forgot the \r in the comment.

I didn't test sending HELP in regular old text since EHLO didn't work.
 It was easier to replicate what I did earlier instead.
Although I did discover that HELP required a \r\n to work and not just
a \n.  If you use a \n, you get a loop until the 5 sec timeout it
reached.  Not sure why.
I didn't have a lot of time to experiment on it.

> Above those lines in another comment (for 250 OK), it appears you're saying
> you have to do it in "\0xx" form to get the \r\n, but is that accurate?
> Other scripts use \r\n in strings to get that.
>
> Not that using the \0xx form is bad or anything, but I'm just wondering if
> it's really a problem or if I'm confused.

It seemed to be a problem with EHLO.  But NSE has been upgraded and
fiddled with numerous times since then, so maybe I should try it with
good 'ol plain-text again.

> But good job with that script ;)
>
> Thanks,
> Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org