Nmap Development: Re: updated SMTPcommands script

Re: updated SMTPcommands script

From: DePriest, Jason R. <jrdepriest_at_gmail.com>
Date: Sat, 13 Oct 2007 09:57:20 -0500

On 10/13/07, Kris Katterjohn <> wrote:
> On 10/12/07, DePriest, Jason R. <> wrote:
> > I made some minor changes to SMTPcommands.nse (attached).
> >
> > In addition to querying the mail server with EHLO, it now also queries
> > with HELP because the two commands give similar but different results.
> >
>
> Cool :)
>
> I have a question, and I hope it doesn't come across as demeaning:
>
> -- ASCII for "HELP\n"
> -- for some reason it wouldn't reply unless I did it like this
> local query = "\072\069\076\080\013\010"
>
> Did you send "HELP\n" or "HELP\r\n" when you tested this (and it didn't
> reply)? It looks like you have \r\n in what you send, but you're saying
> it's for \n .. or you just forgot the \r in the comment.
>

I didn't test sending HELP in regular old text since EHLO didn't work.
It was easier to replicate what I did earlier instead.
Although I did discover that HELP required a \r\n to work and not just
a \n. If you use a \n, you get a loop until the 5 sec timeout is
reached. Not sure why.
I didn't have a lot of time to experiment on it.

> Above those lines in another comment (for 250 OK), it appears you're saying
> you have to do it in "\0xx" form to get the \r\n, but is that accurate?
> Other scripts use \r\n in strings to get that.
>
> Not that using the \0xx form is bad or anything, but I'm just wondering if
> it's really a problem or if I'm confused.
>

It seemed to be a problem with EHLO. But NSE has been upgraded and
fiddled with numerous times since then, so maybe I should try it with
good ol' plain-text again.

> But good job with that script ;)
>
> Thanks,
> Kris Katterjohn
>

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Oct 13 2007
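
The following is an added example, not part of the message above and not code from SMTPcommands.nse. It compares the decimal-escaped query quoted in the thread with the "\r\n" spelling byte for byte, and models a receiver that only treats CRLF as end of command; the helpers show_bytes, smtp_line and split_crlf are hypothetical, and the strict-CRLF receiver is an assumption about how a server may behave, not a diagnosis of the server tested in the thread.

```lua
-- Added example: plain Lua, no NSE libraries required.

-- The query string quoted in the thread, written with decimal escapes.
local escaped = "\072\069\076\080\013\010"
-- The same command written with the usual character escapes.
local plain = "HELP\r\n"

-- Render every byte so the line terminator is visible.
local function show_bytes(s)
  local out = {}
  for i = 1, #s do
    local b = s:byte(i)
    if b == 13 then out[#out + 1] = "<CR>"
    elseif b == 10 then out[#out + 1] = "<LF>"
    elseif b >= 32 and b < 127 then out[#out + 1] = string.char(b)
    else out[#out + 1] = string.format("<%02X>", b) end
  end
  return table.concat(out)
end

-- Hypothetical helper: build an SMTP command line, always CRLF-terminated.
local function smtp_line(verb, arg)
  local line = verb
  if arg and arg ~= "" then line = line .. " " .. arg end
  assert(not line:find("[\r\n]"), "command must not contain CR or LF")
  return line .. "\r\n"
end

-- Model of a receiver that accepts only CRLF as terminator (assumption):
-- returns the complete commands and the unconsumed rest of the buffer.
local function split_crlf(buffer)
  local cmds, pos = {}, 1
  while true do
    local s, e = buffer:find("\r\n", pos, true)
    if not s then break end
    cmds[#cmds + 1] = buffer:sub(pos, s - 1)
    pos = e + 1
  end
  return cmds, buffer:sub(pos)
end

assert(escaped == plain)               -- both spellings give identical bytes
assert(smtp_line("HELP") == escaped)
print(show_bytes(escaped))
local cmds, rest = split_crlf("HELP\n")   -- LF only: no complete command yet
print(#cmds, show_bytes(rest))
cmds, rest = split_crlf(smtp_line("EHLO", "example.org"))
print(#cmds, cmds[1], show_bytes(rest))
```

With an LF-only buffer the modelled receiver returns zero commands and keeps the bytes pending, which is the state a client would see as no reply until its own timeout.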
