Nmap Development mailing list archives
Re: Get Outlook Web Address URL
From: Dan <cdcdanielctin () gmail com>
Date: Thu, 18 Aug 2011 21:08:48 +0300
Hello, David, First of all I would like to apologize for replying after so much time but I have been very busy with renovating my new home. The ronovation is coming to an end so I wil start implementing the suggestions Henri made and some of my new ideas regarding the list of subdomains. Regarding the functionality of the script, it was developed specifically for retrieving the Outlook Web Access URL and I consider to be usefull because the http like scripts queries only the path (correct me if I am wrong) used by popular web applications were as my script takes the domain and builds the target hostname and queries them for the typically directory used for Outlook Web Access. Thank you, Daniel On Mon, Aug 15, 2011 at 10:10 AM, David Fifield <david () bamsoftware com> wrote:
Dan, I don't know if Henri cpied you in this message he sent to the mailing list. He makes good suggestions that you should implement. I'm still a bit confused about what this script does--what is the Outlook URL good for? From what I can tell, it tries an MX query to get a list of domains, otherwise it uses a default list {"mail", "webmail", etc.}. It then tries to retrieve a web page from each of the domains and reports if any of them is successful. Is that correct? David Fifield On Fri, May 27, 2011 at 03:18:14PM +0200, Henri Doreau wrote:2011/4/22 Dan <cdcdanielctin () gmail com>:Hello everybody, I found out the hard way that sometimes getting information from the mail server admin can be very difficult due to externalization so I’ve decided to write a NSE script that discovers the OWA URL, information that would be very usefull in cases like configuring a handheld device, a Blackberry Internet Service account or just simply access the webmail. The script is based on empirical data and it has been successfully tested on several public server. [...] This is my first Lua script so run it and give me your feedback. Daniel(resending to nmap-dev as it looks like something went wrong the first time). Hello Daniel, thanks for the script and sorry for the long delay. I know no server I could use to test the script but here are a few suggestions about the code. - please change the mixed tabs and spaces indentation to something consistent, 2 or 4 spaces only is a good and fairly common choice. - instead of using several table.insert() statements to generate the targets array, the check_targets() function should simply iterate over an array of subdomains. Something like this: """ local subdomains = {"mail", "webmail", "owa", "exchange", "webmaileu", "exmail"} local results = {} local targets = {} for _, subdomain in ipairs(subdomains) do table.insert(targets, subdomain .. "." .. targetname) end """ I'm also wondering whether it would make sense to offer the user the ability to specify other names on the command line. - calls to print() should be replaced by stdnse.print_debug/verbose (see [1]), no need to check for the verbosity level before calling the function then. - unless I missed something, it looks like the action function could be simplified, at least by moving duplicate code to a single function. But it would be even better to have get_mx() returning an array (even if it contains a single element). Then just iterate over the elements of this array without worrying about its size. - in check_targets() and check_mx() the script does things like: """ local email_server = "https://" .. mx .. p results[#results + 1] = string.format("OWA Found with: ") results[#results + 1] = string.format("Email Server: %s", email_server) if (c == 302) then results[#results + 1] = string.format("Real Server Location: %s", l) end """ Using table.insert() would probably be easier to read, no big deal though. string.format() is not useful for "OWA Found with: ", you can just assign the string. - you should improve the documentation a bit. At least elaborate on what the script does in the description field and add an @args entry in the nsedoc section to describe the aim of get-owa.domain (see existing scripts for reference). - the global variable "path" is only used by check_mx() and could therefore be localized there. Regards. [1] http://nmap.org/nsedoc/lib/stdnse.html#print_debug Henri _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Get Outlook Web Address URL Dan (Aug 18)
- Re: Get Outlook Web Address URL David Fifield (Aug 18)
- Re: Get Outlook Web Address URL Dan (Aug 18)
- Re: Get Outlook Web Address URL Matthew Finkel (Aug 18)
- Re: Get Outlook Web Address URL Dan (Aug 19)
- Re: Get Outlook Web Address URL Dan (Aug 18)
- Re: Get Outlook Web Address URL David Fifield (Aug 18)