Nmap Development mailing list archives
Re: Last call for smtp-open-relay.nse - help needed
From: David Fifield <david () bamsoftware com>
Date: Wed, 17 Feb 2010 09:05:57 -0700
On Mon, Feb 01, 2010 at 10:23:54AM +0000, Duarte Silva wrote:
It needs to be added to the "external" category since it still uses an Nmap domain by default. At first I was going to suggest that we change "nmap.scanme.org" into the usual "scanme.nmap.org". But I've decided that the former is better for this particular purpose (less likely to get nmap.org added to SMTP blocklists), so I've added the corresponding DNS name. I only did a very cursory review of the patch. But I'm OK with it going in if it satisfies David (or can be made to do so).Made a new patch based on the latest nmap revision. Added the external category as you wrote. Patch and script in the attachments.
Okay, here are a few things.
-- @args domain Define the domain to be used in the anti-spam tests (default is nmap.scanme.org) -- @args ip Use this to change the IP address to be used (default is the target IP address)
The script argument names are too generic. We're kind of moving towards a common naming convention for these, which would give them the names smtp-open-relay.domain and smtp-open-relay.ip. Those names are kind of ugly, but I figure anyone running the script is either going to be happy with the defaults, or will have already looked into the script documentation for how to change them and won't mind the names. I got this error trying to run against Exim (with --packet-trace on): NSE: TCP 192.168.0.21:54883 > 69.164.193.231:25 | 00000000: 4d 41 49 4c 20 46 52 4f 4d 3a 3c 61 6e 74 69 73 MAIL FROM:<antis 00000010: 70 61 6d 40 5b 36 39 2e 31 36 34 2e 31 39 33 2e pam@[69.164.193. 00000020: 32 33 31 5d 3e 0d 0a 231]> NSE: TCP 192.168.0.21:54883 < 69.164.193.231:25 | 501-<antispam@[69.164.193.231]>: domain literals not allowed 501 Too many syntax or protocol errors NSE: TCP 192.168.0.21:54883 > 69.164.193.231:25 | 00000000: 52 53 45 54 0d 0a RSET NSE: TCP 192.168.0.21:54883 > 69.164.193.231:25 | CLOSE NSE: smtp-open-relay against 69.164.193.231:25 threw an error! EOF stack traceback: [C]: in function 'try' ./scripts/smtp-open-relay.nse:67: in function 'dorequest' ./scripts/smtp-open-relay.nse:148: in function 'go' ./scripts/smtp-open-relay.nse:206: in function <./scripts/smtp-open-relay.nse:205> (tail call): ? If you change the script args, and add handling for a broken connection, this can go in. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Jan 31)
- Re: Last call for smtp-open-relay.nse - help needed Arturo 'Buanzo' Busleiman (Jan 31)
- Re: Last call for smtp-open-relay.nse - help needed Fyodor (Jan 31)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 01)
- Re: Last call for smtp-open-relay.nse - help needed David Fifield (Feb 17)
- Re: Last call for smtp-open-relay.nse - help needed Arturo 'Buanzo' Busleiman (Feb 17)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 18)
- Re: Last call for smtp-open-relay.nse - help needed David Fifield (Feb 18)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 18)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 20)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 21)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 21)
- Re: Last call for smtp-open-relay.nse - help needed David Fifield (Feb 22)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 22)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 27)
- Re: Last call for smtp-open-relay.nse - help needed Duarte Silva (Feb 01)