oss-sec mailing list archives
Re: New SMTP smuggling attack
From: Hanno Böck <hanno () hboeck de>
Date: Fri, 22 Dec 2023 13:11:02 +0100
In case this helps: SEC Consult has not published a test tool, and it seems they have not tested many mailservers.

I have tried to understand the attack, and came up with a preliminary test script myself:
https://github.com/hannob/smtpsmug

This is pretty much work in progress, not really documented, and I am still unsure what exactly the "right" behavior should be. But I'm sharing it in case it helps others. I may or may not update / improve it in the coming days.

By default it tests whether a server accepts the <lf>.<lf> behavior. For testing the sending side, you will need to set up a receiving server and analyze it manually.

--
Hanno Böck
https://hboeck.de/
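A receiver-side check for the `<lf>.<lf>` case mentioned in the message above, as an added example that is not part of the original post and not code from the smtpsmug script. It scans the bytes received after the 354 reply and reports every lone-dot line that is not delimited by CRLF on both sides, which generalises beyond `<lf>.<lf>` to the other bare-CR and bare-LF mixes; the function name, return shape and sample message are assumptions made for this illustration.

```python
import re

CRLF = b"\r\n"
# CRLF is listed first so it is never split into a bare CR plus a bare LF.
_BREAK = re.compile(rb"\r\n|\r|\n")


def scan_data_stream(stream: bytes):
    """Scan the bytes a server receives after replying 354 to DATA.

    Returns (strict_end, findings). strict_end is the offset just past the
    RFC 5321 end-of-data sequence <CR><LF>.<CR><LF>, or None if it never
    appears. findings lists (offset, raw_bytes) for each lone-dot line seen
    before that point whose surrounding line breaks are not both CRLF.
    """
    findings = []
    prev_break = CRLF      # the 354 reply line itself ended in CRLF
    line_start = 0
    for m in _BREAK.finditer(stream):
        line = stream[line_start:m.start()]
        this_break = m.group()
        if line == b".":
            if prev_break == CRLF and this_break == CRLF:
                # The only terminator a strict parser honours.
                return m.end(), findings
            # A lenient parser may stop here; a strict one keeps reading.
            start = max(0, line_start - len(prev_break))
            findings.append((start, stream[start:m.end()]))
        prev_break = this_break
        line_start = m.end()
    return None, findings


# Constructed sample: a bare-LF dot line in the body, then the real terminator.
SAMPLE = (b"Subject: constructed sample\r\n\r\n"
          b"first part\n.\n"
          b"second part\r\n.\r\n")

if __name__ == "__main__":
    end, hits = scan_data_stream(SAMPLE)
    print("strict end-of-data offset:", end)
    for offset, raw in hits:
        print("ambiguous terminator at", offset, repr(raw))
```

A non-empty findings list means two parsers with different leniency could disagree on where this message ends, so it is a reasonable signal to log or reject on at the receiving side.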