Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts

From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Mon, 19 May 2008 23:34:45 -0500

I'll get on fixing
HELP
502 Error: command not implemented
tomorrow.
Thanks for the report.

On Mon, May 19, 2008 at 10:42 PM, Fyodor <> wrote:

On Mon, May 19, 2008 at 10:29:00PM -0500, DePriest, Jason R. wrote:

Thanks Arturo and Benson.  SMTPcommands.nse has been updated and attached.

The output is a little uglier,
[output]
25/tcp open  smtp    qmail smtpd
|  SMTP: EHLO reply: smtp110.sbc.mail.mud.yahoo.com, AUTH LOGIN PLAIN
XYMCOOKIE, PIPELINING, 250 8BITMIME
|_ HELP reply: qmail home page: http://pobox.com/~djb/qmail.html
[/output]
but takes up less space.

Also I recategorized it from "intrusive" to "safe" since it just runs
EHLO and HELP against smtp.  EHLO is pretty standard of any client
communicating and HELP provides similar output.


Thanks Jason.  This is looking good, but it seems to fail unecessarily
on Postfix, which does not seem to implement 'help' by default.  It
would be nice if the script still reported the EHLO results.  Here is
what happens against mail.titan.net, which handles mail for nmap-dev:

./nmap --script SMTPcommands.nse -sV -p25 mail.titan.net


Starting Nmap 4.62 ( http://nmap.org ) at 2008-05-19 20:41 PDT
Interesting ports on mail.titan.net (64.13.134.2):
PORT   STATE SERVICE VERSION
25/tcp open  smtp    Postfix smtpd
|_ SMTP: HELP with errors or timeout.  Enable --script-trace to see what is happening.
Service Info: Host:  mail.titan.net

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.140 seconds

The problem is this part of the SMTP discussion:

HELP
502 Error: command not implemented

I'll try to put the old format back for "verbose" output and put some
other things in for "debug", but I am not sure when I will have time.


Maybe require two verbose options for the old output.  We don't want
to get too verbose for people even if they do specify -v.

Cheers,
-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: [RFC] Default NSE Scripts, (continued)
- - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
    - Re: [RFC] Default NSE Scripts jah (May 14)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
    - Re: [RFC] Default NSE Scripts Brandon Enright (May 14)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
    - Re: [RFC] Default NSE Scripts Fyodor (May 16)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
    - Re: [RFC] Default NSE Scripts Fyodor (May 19)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
    - Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 20)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 21)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 20)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 27)
    - Re: [RFC] Default NSE Scripts jah (May 27)
    - Re: [RFC] Default NSE Scripts Fyodor (May 27)
    - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
    - Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 19)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
  - Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 15)