I made some minor changes to SMTPcommands.nse (attached).
In addition to querying the mail server with EHLO, it now also queries
with HELP because the two commands give similar but different results.
Addressing a complaint I still have not fixed in the comments
-- EHLO returns a multiline result - I would like to pull out the line
feeds and replace them with
-- something nicer like commas. But when I do that, it messes up the
first two lines as well, which
-- probably should be on their own lines. I have not mastered the
regexes for NSE yet, so maybe some day.
It looks like this
Interesting ports on mail.domain.com (xx.xx.xx.xx):
PORT STATE SERVICE VERSION
25/tcp open smtp Microsoft ESMTP 6.0.3790.1830
| SMTP: Responded to EHLO command
| MAIL.domain.com Hello [yy.yy.yy.yy]
| TURN
| SIZE
| ETRN
| PIPELINING
| DSN
| ENHANCEDSTATUSCODES
| 8bitmime
| BINARYMIME
| CHUNKING
| VRFY
| X-EXPS GSSAPI NTLM LOGIN
| X-EXPS=LOGIN
| AUTH GSSAPI NTLM LOGIN
| AUTH=LOGIN
| X-LINK2STATE
| XEXCH50
| Responded to HELP command
| This server supports the following commands:
|_ HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH TURN ETRN BDAT VRFY
Sorry I didn't send this up until *after* SOC7.
Thank you!
-Jason
--
NOTICE: This email is being sent in clear-text across the public
Internet. Therefore, any attempts to include unenforceable legalese
restrictions are ridiculous and pointless. If you can read this,
consider yourself authorized (whether I like it or not).
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Oct 12 2007
Intro
