Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts

From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Wed, 21 May 2008 22:32:38 -0500

New version.  Please test against some mail servers since my ISP
definitely (confirmed by former employee) blocks access to port 25 on
all but their own mail servers.

no verbose gives you this
[output]
Interesting ports on 68.142.198.11:
PORT   STATE SERVICE
25/tcp open  smtp
|  SMTP: EHLO smtp107.sbc.mail.mud.yahoo.com, AUTH LOGIN PLAIN
XYMCOOKIE, PIPELINING, 250 8BITMIME
|_ HELP qmail home page: http://pobox.com/~djb/qmail.html
[/output]

verbose X2 or debug X2 gives you this
[output]
Host 68.142.198.11 appears to be up ... good.
Interesting ports on 68.142.198.11:
PORT   STATE SERVICE
25/tcp open  smtp
|  SMTP: >>>> EHLO example.org
|  <<<< smtp102.sbc.mail.mud.yahoo.com
|  <<<< AUTH LOGIN PLAIN XYMCOOKIE
|  <<<< PIPELINING
|  <<<< 250 8BITMIME
|  >>>> HELP
|_ <<<< qmail home page: http://pobox.com/~djb/qmail.html
[/output]

-Jason

On Mon, May 19, 2008 at 10:42 PM, Fyodor <> wrote:


Thanks Jason.  This is looking good, but it seems to fail unecessarily
on Postfix, which does not seem to implement 'help' by default.  It
would be nice if the script still reported the EHLO results.  Here is
what happens against mail.titan.net, which handles mail for nmap-dev:

./nmap --script SMTPcommands.nse -sV -p25 mail.titan.net


Starting Nmap 4.62 ( http://nmap.org ) at 2008-05-19 20:41 PDT
Interesting ports on mail.titan.net (64.13.134.2):
PORT   STATE SERVICE VERSION
25/tcp open  smtp    Postfix smtpd
|_ SMTP: HELP with errors or timeout.  Enable --script-trace to see what is happening.
Service Info: Host:  mail.titan.net

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.140 seconds

The problem is this part of the SMTP discussion:

HELP
502 Error: command not implemented

I'll try to put the old format back for "verbose" output and put some
other things in for "debug", but I am not sure when I will have time.


Maybe require two verbose options for the old output.  We don't want
to get too verbose for people even if they do specify -v.

Cheers,
-F

Attachment: SMTPcommands.nse
Description:


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: [RFC] Default NSE Scripts, (continued)
- - - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
    - Re: [RFC] Default NSE Scripts Brandon Enright (May 14)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
    - Re: [RFC] Default NSE Scripts Fyodor (May 16)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
    - Re: [RFC] Default NSE Scripts Fyodor (May 19)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
    - Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 20)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 21)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 20)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 27)
    - Re: [RFC] Default NSE Scripts jah (May 27)
    - Re: [RFC] Default NSE Scripts Fyodor (May 27)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
    - Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 19)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
  - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 15)