On Mon, May 19, 2008 at 10:29:00PM -0500, DePriest, Jason R. wrote:
> Thanks Arturo and Benson. SMTPcommands.nse has been updated and attached.
>
> The output is a little uglier,
>
> 25/tcp open smtp qmail smtpd
> | SMTP: EHLO reply: smtp110.sbc.mail.mud.yahoo.com, AUTH LOGIN PLAIN XYMCOOKIE, PIPELINING, 250 8BITMIME
> |_ HELP reply: qmail home page: http://pobox.com/~djb/qmail.html
>
> but takes up less space.
>
> Also I recategorized it from "intrusive" to "safe" since it just runs
> EHLO and HELP against smtp. EHLO is pretty standard of any client
> communicating and HELP provides similar output.

Thanks Jason. This is looking good, but it seems to fail unnecessarily
on Postfix, which does not seem to implement 'help' by default. It
would be nice if the script still reported the EHLO results. Here is
what happens against mail.titan.net, which handles mail for nmap-dev:

    ./nmap --script SMTPcommands.nse -sV -p25 mail.titan.net

    Starting Nmap 4.62 ( http://nmap.org ) at 2008-05-19 20:41 PDT
    Interesting ports on mail.titan.net (188.8.131.52):
    PORT STATE SERVICE VERSION
    25/tcp open smtp Postfix smtpd
    |_ SMTP: HELP with errors or timeout. Enable --script-trace to see what is happening.
    Service Info: Host: mail.titan.net

    Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 0.140 seconds

The problem is this part of the SMTP discussion:
502 Error: command not implemented

> I'll try to put the old format back for "verbose" output and put some
> other things in for "debug", but I am not sure when I will have time.

Maybe require two verbose options for the old output. We don't want
to get too verbose for people even if they do specify -v.
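
The behaviour asked for in this thread, reporting the EHLO results even when HELP is answered with 502, comes down to judging each reply on its own. As an added example (not part of the thread and not the SMTPcommands.nse source), this plain-Lua code does that without any NSE libraries, and goes slightly beyond the thread by also handling multiline replies and a missing reply; `parse_reply`, `describe`, `report` and the host `mail.example.test` are assumptions.

```lua
-- Added example: pure Lua, no NSE libraries. Function names are hypothetical.

-- Parse one raw SMTP reply, which may span several lines ("250-..." lines
-- followed by a final "250 ..." line). Returns the numeric code and a table
-- of text lines, or nil when the reply is empty or malformed.
local function parse_reply(raw)
  local code, texts = nil, {}
  for line in raw:gmatch("[^\r\n]+") do
    local c, sep, text = line:match("^(%d%d%d)([ %-]?)(.*)$")
    if not c or (code and c ~= code) or (sep == "" and text ~= "") then
      return nil
    end
    code = c
    texts[#texts + 1] = text
    if sep ~= "-" then break end -- a space (or nothing) marks the final line
  end
  if not code then return nil end
  return tonumber(code), texts
end

-- Describe one command's reply. ok_codes lists the codes that count as success.
local function describe(name, raw, ok_codes)
  local code, texts = parse_reply(raw or "")
  if not code then return name .. ": no valid reply" end
  if ok_codes[code] then
    return name .. " reply: " .. table.concat(texts, ", ")
  end
  return name .. " not available: " .. code .. " " .. (texts[1] or "")
end

-- EHLO and HELP are judged separately, so a refused HELP never hides EHLO.
local function report(ehlo_raw, help_raw)
  return describe("EHLO", ehlo_raw, { [250] = true }) .. "\n" ..
         describe("HELP", help_raw, { [211] = true, [214] = true })
end

-- Constructed sample replies; mail.example.test is a placeholder host.
local ehlo = "250-mail.example.test\r\n250-PIPELINING\r\n250 8BITMIME\r\n"

-- Postfix-style case from the thread: HELP is answered with 502.
print(report(ehlo, "502 Error: command not implemented\r\n"))
-- Server that implements HELP (214 is the help-message code in RFC 5321).
print(report(ehlo, "214 qmail home page: http://pobox.com/~djb/qmail.html\r\n"))
-- Connection dropped before any HELP reply arrived.
print(report(ehlo, nil))
```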