Nmap Development mailing list archives
Bug in smtp-enum-users.nse
From: Yehuda Eisenstark <yudieisenstark () gmail com>
Date: Thu, 10 Feb 2011 22:44:13 +0200
I am a complete newbie at NSE, so this may be completely off but, the smtp-enum-users.nse script contains the following code: elseif string.match(response, "^502") or string.match(response, "^252") or string.match(response, "^550") then -- The server doesn't implement the command or it is disallowed. return STATUS_CODES.NOTPERMITTED Many SMTP servers return a "550 User Unknown" in response to a "RCPT TO" request with an unknown user. The script starts enumerating users via "RCPT TO" but stops at the first "550 User Unknown" response and then tries using VRFY and EXPN for that user. The script never goes back to enumerating the rest of the users in the username file via "RCPT TO". If VRFY and EXPN don't work the script sends a QUIT and stops. Why is that? Thanks, Y _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bug in smtp-enum-users.nse Yehuda Eisenstark (Feb 10)
- Re: Bug in smtp-enum-users.nse Patrik Karlsson (Feb 10)