Nmap Development mailing list archives

Re: pop3-capabilities error

From: jah <jah () zadkiel plus com>
Date: Tue, 03 Feb 2009 02:50:54 +0000

On 03/02/2009 01:48, Brandon Enright wrote:

On Tue, 03 Feb 2009 01:47:26 +0000
jah <jah () zadkiel plus com> wrote:

On 03/02/2009 01:32, Brandon Enright wrote:

I think the issue is that pop3.lua doesn't appear to try to use SSL
to port 995 even though the service was fingerprinted as ssl/pop3.
Shouldn't we be passing a protocol of 'ssl' or 'tcp' to the
socket:connect routine rather than nothing (which defaults to TCP)?

We probably should.  Would you try the attached pop3.lua lib which
passes "ssl" if port.version.service_tunnel == "ssl"


Sure, in a few minutes.  I noticed the SMTP commands script also times
out on port 465 (SSL/SMTP).  That script passes in port.protocol to the
socket connect.  Is the protocol for SSL wrapped ports still TCP?

I found some hosts I could test these mods on:

465/tcp open  ssl/smtp
|_ smtp-commands: EHLO <snip>, ENHANCEDSTATUSCODES, AUTH LOGIN PLAIN,
AUTH=LOGIN PLAIN, PIPELINING, 8BITMIME, SIZE 104857600
995/tcp open  ssl/pop3 Courier pop3d
|_ pop3-capabilities: USER IMPLEMENTATION(Courier Mail Server) UIDL
PIPELINING LOGIN-DELAY(10) TOP

so I've checked them in.

Regards,

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: 4.85BETA2 posted to Nmap download page - please test, (continued)
- - - Re: 4.85BETA2 posted to Nmap download page - please test Brandon Enright (Feb 23)
    - Follow up to NSE issues and gh_list assert() failure (Was 4.85BETA2 posted...) Brandon Enright (Feb 25)
    - Re: Follow up to NSE issues and gh_list assert() failure (Was 4.85BETA2 posted...) Patrick Donnelly (Feb 25)
    - Re: Follow up to NSE issues and gh_list assert() failure (Was 4.85BETA2 posted...) Brandon Enright (Feb 25)
    - Re: Follow up to NSE issues -- procedure to reproduce David Fifield (Feb 26)
    - Re: Follow up to NSE issues -- procedure to reproduce Patrick Donnelly (Feb 26)
    - Re: Follow up to NSE issues and gh_list assert() failure (Was 4.85BETA2 posted...) David Fifield (Mar 01)
    - Re: 4.85BETA2 posted to Nmap download page - please test bmenrigh (Feb 23)
    - Re: pop3-capabilities error jah (Feb 02)
    - Re: pop3-capabilities error Brandon Enright (Feb 02)
    - Message not available
    - Message not available
    - Re: pop3-capabilities error jah (Feb 02)
    - Re: pop3-capabilities error Brandon Enright (Feb 02)
  - Re: 4.85BETA2 posted to Nmap download page - please test Gisle Vanem (Jan 30)
    - Re: 4.85BETA2 posted to Nmap download page - please test Fyodor (Jan 31)
    - Re: 4.85BETA2 posted to Nmap download page - please test Kris Katterjohn (Jan 31)
    - Re: 4.85BETA2 posted to Nmap download page - please test Gisle Vanem (Jan 31)