Nmap Development mailing list archives

Bug in smtp-enum-users.nse


From: Yehuda Eisenstark <yudieisenstark () gmail com>
Date: Thu, 10 Feb 2011 22:44:13 +0200

I am a complete newbie at NSE, so this may be completely off, but
the smtp-enum-users.nse script contains the following code:

  elseif string.match(response, "^502") or string.match(response, "^252") or
         string.match(response, "^550") then
    -- The server doesn't implement the command or it is disallowed.
    return STATUS_CODES.NOTPERMITTED

Many SMTP servers return a "550 User Unknown" in response to a "RCPT TO"
request with an unknown user. The script starts enumerating users via "RCPT
TO" but stops at the first "550 User Unknown" response and then tries using
VRFY and EXPN for that user. The script never goes back to enumerating the
rest of the users in the username file via "RCPT TO". If VRFY and EXPN don't
work, the script sends a QUIT and stops. Why is that?

Thanks,
 Y
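
The behaviour reported above, as an added Lua example that is not part of the original message and is not the code of smtp-enum-users.nse: it contrasts a classifier that maps 550 to "not permitted" for every command with one that takes the command into account. The names STATUS, classify_shared, classify_by_command and walk, the 250 branch, and the sample replies are assumptions made for illustration.

```lua
-- Added illustration; hypothetical names, not taken from smtp-enum-users.nse.
local STATUS = {
  VALID = "valid", UNKNOWN = "unknown user",
  NOTPERMITTED = "not permitted", OTHER = "other",
}

-- Same test as the quoted branch: 502, 252 and 550 all mean
-- "this command is unusable", whichever command was sent.
local function classify_shared(response)
  if response:match("^250") then            -- assumed success branch
    return STATUS.VALID
  elseif response:match("^502") or response:match("^252")
      or response:match("^550") then
    return STATUS.NOTPERMITTED
  end
  return STATUS.OTHER
end

-- Command-aware variant: a 550 reply to RCPT TO is an answer about that
-- one recipient, so it must not disable the RCPT method as a whole.
local function classify_by_command(cmd, response)
  local code = response:match("^(%d%d%d)")
  if code == "250" then return STATUS.VALID end
  if code == "550" and cmd == "RCPT" then return STATUS.UNKNOWN end
  if code == "502" or code == "252" or code == "550" then
    return STATUS.NOTPERMITTED
  end
  return STATUS.OTHER
end

-- Constructed RCPT TO replies for three constructed user names.
local replies = {
  { user = "alice", line = "550 User Unknown" },
  { user = "bob",   line = "250 OK" },
  { user = "carol", line = "550 User Unknown" },
}

-- Walk the list and abandon the method on NOTPERMITTED, as the report describes.
local function walk(classify)
  local seen = {}
  for _, r in ipairs(replies) do
    local status = classify(r.line)
    seen[#seen + 1] = r.user .. "=" .. status
    if status == STATUS.NOTPERMITTED then break end
  end
  return table.concat(seen, ", ")
end

print("shared:        " .. walk(classify_shared))
print("command-aware: " .. walk(function(l) return classify_by_command("RCPT", l) end))
```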