Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: updated SMTPcommands script
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Sat, 13 Oct 2007 09:57:20 -0500

On 10/13/07, Kris Katterjohn <> wrote:
On 10/12/07, DePriest, Jason R. <> wrote:
I made some minor changes to SMTPcommands.nse (attached).

In addition to querying the mail server with EHLO, it now also queries
with HELP because the two commands give similar but different results.


Cool :)

I have a question, and I hope it doesn't come across as demeaning:

-- ASCII for "HELP\n"
 -- for some reason it wouldn't reply unless I did it like this
local query = "\072\069\076\080\013\010"

Did you send "HELP\n" or "HELP\r\n" when you tested this (and it didn't
reply).  It looks like you have \r\n in what you send, but you're saying
it's for \n .. or you just forgot the \r in the comment.


I didn't test sending HELP in regular old text since EHLO didn't work.
 It was easier to replicate what I did earlier instead.
Although I did discover that HELP required a \r\n to work and not just
a \n.  If you use a \n, you get a loop until the 5 sec timeout it
reached.  Not sure why.
I didn't have a lot of time to experiment on it.

Above those lines in another comment (for 250 OK), it appears you're saying
you have to do it in "\0xx" form to get the \r\n, but is that accurate?
Other scripts use \r\n in strings to get that.

Not that using the \0xx form is bad or anything, but I'm just wondering if
it's really a problem or if I'm confused.


It seemed to be a problem with EHLO.  But NSE has been upgraded and
fiddled with numerous times since then, so maybe I should try it with
good 'ol plain-text again.

But good job with that script ;)

Thanks,
Kris Katterjohn


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault