Nmap Development mailing list archives

Re: Last call for smtp-open-relay.nse - help needed


From: Joao Correa <joao () livewire com br>
Date: Fri, 18 Sep 2009 13:31:00 -0300

Hi Duarte,

I've made a fast try with your first patch. The only error I got was
related to using an undeclared variable on line 98. After changing the
variable name from test to tests, it worked fine. I didn't get the
errors you mentioned about comm.tryssl. If the problem is a bug in
comm.tryssl, I really would like more information to fix it.

Would you mind sending me (off list) the outputs you got while running
the first version of the script?

Thanks,
João.

On Fri, Sep 18, 2009 at 1:02 PM, Duarte Silva <duartejcsilva () gmail com> wrote:
Hi,

Just fixed the problem with comm.tryssl by not using it :P The script
is now able to detect if the SMTP server requires authentication. Give
it a go, and if it is accepted I will make the documentation (too
lazy/busy). Patch in attachments.

Best regards,
Duarte

On Fri, Sep 18, 2009 at 1:03 AM, Duarte Silva <duartejcsilva () gmail com> wrote:
Hi,

I decided to try it out. I'm having trouble with the call to comm.tryssl,
it reports that I'm using a nil value but I checked all the values and
they aren't nil (print & debuglevel > 1 = r0x). Don't be evil, this
is the first time I've developed in Lua and I don't know if the tests
*array* can be declared like that :P. I haven't made the documentation
yet.

Anyway, the patch is attached, best regards
Duarte

On Thu, Sep 17, 2009 at 10:00 PM, Fyodor <fyodor () insecure org> wrote:
Hi all.  It has been two years since we changed smtp-open-relay to the
demo category because it was using legitimate domains
(e.g. insecure.org -- current version uses scanme.org) to check for
open relays.  The hope was that someone would find a way to avoid
doing that, but it hasn't happened.  However, we do now have the
external category for scripts which do this sort of thing.  So I think
we should either clean it up and put it in real categories, or remove
the script.  So this is a call for anyone who wants to "adopt" this
script and clean it up.  The things I see right away that it needs
are:

o If there is a way to avoid using a real domain, that would be best.
 If not, I suppose "nmap.scanme.org" is OK.  In that case, the script
 should be added to the "external" category.  Also, there should be a
 script argument for changing "ourdomain".  You shouldn't have to edit
 the script.

o It should be removed from the "demo" category and added to whatever
 other categories are appropriate.  Maybe "discovery" and
 "intrusive".  Perhaps "vuln" is appropriate too, as an open relay is a
 vulnerability IMHO.  Though if we use that category here, we should
 probably do the same for http-open-proxy and socks-open-proxy.
 Let's not put it in "default" at this time, though it might be worth
 consideration later.

o It needs to be updated to look like a current script.  In
 particular, it needs decent NSEDoc comments, license and author
 fields, etc.  Take a look at one of Ron's recent scripts, as he does
 a good job at this.

o I think the "spamtest" strings should probably be changed to
 "antispam" to make it more clear that we're trying to prevent spam.

This script definitely has value and so I hope someone will take this
one.  Otherwise I'll have to remove the script in a week or so.  Two
years is long enough to carry this around as the final remaining
"demo" script.

Cheers,
Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



