Re: Last call for smtp-open-relay.nse - help needed

[Duarte Silva <duartejcsilva () gmail com>]

Hi,

I have made some minor changes to smtp-open-relay.nse

* Fixed socket left open when receive_lines function call fails
* Minor comments changes

I also finished the smtp-enum-users.nse script (for more info read the
description in the script). Patches in the attachments as usual.

Regards,
Duarte Silva

On Fri, Mar 5, 2010 at 6:00 AM, Fyodor <fyodor () insecure org> wrote:
> On Sat, Feb 27, 2010 at 06:37:46PM +0000, Duarte Silva wrote:
> > I also developed a new script that will try to enumerate the users in
> > a SMTP server using the VRFY or the EXPN command (using the
> > usernames.lst). If this is found to be useful since it seem that there
> > aren't many servers that allow those commands.
>
> Another common technique is to use RCPT for this.  I usually just try
> some gibberish first to catch machines which accept anything at
> all. For example:
>
> $ ncat -v mail.insecure.org 25
> Ncat: Version 5.21 ( http://nmap.org/ncat )
> Ncat: Connected to 64.13.134.2:25.
> 220 mail.titan.net ESMTP Postfix
> HELO hax0r
> 250 mail.titan.net
> MAIL FROM:<president () whitehouse gov>
> 250 2.1.0 Ok
> RCPT TO:<sdfasdfblah>
> 550 5.1.1 <sdfasdfblah>: Recipient address rejected: User unknown in local recipient table
> RCPT TO:<fyodor>
> 250 2.1.5 Ok
> QUIT
> 221 2.0.0 Bye
> Ncat: 92 bytes sent, 189 bytes received in 64.17 seconds.
>
>
> Cheers,
> Fyodor

Attachment: smtp-enum-users.patch
Description:

Attachment: smtp-open-relay.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/