Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Wed, 21 May 2008 22:32:38 -0500

New version.  Please test against some mail servers since my ISP
definitely (confirmed by former employee) blocks access to port 25 on
all but their own mail servers.

no verbose gives you this
[output]
Interesting ports on 68.142.198.11:
PORT   STATE SERVICE
25/tcp open  smtp
|  SMTP: EHLO smtp107.sbc.mail.mud.yahoo.com, AUTH LOGIN PLAIN
XYMCOOKIE, PIPELINING, 250 8BITMIME
|_ HELP qmail home page: http://pobox.com/~djb/qmail.html
[/output]

verbose X2 or debug X2 gives you this
[output]
Host 68.142.198.11 appears to be up ... good.
Interesting ports on 68.142.198.11:
PORT   STATE SERVICE
25/tcp open  smtp
|  SMTP: >>>> EHLO example.org
|  <<<< smtp102.sbc.mail.mud.yahoo.com
|  <<<< AUTH LOGIN PLAIN XYMCOOKIE
|  <<<< PIPELINING
|  <<<< 250 8BITMIME
|  >>>> HELP
|_ <<<< qmail home page: http://pobox.com/~djb/qmail.html
[/output]

-Jason

On Mon, May 19, 2008 at 10:42 PM, Fyodor <> wrote:

Thanks Jason.  This is looking good, but it seems to fail unecessarily
on Postfix, which does not seem to implement 'help' by default.  It
would be nice if the script still reported the EHLO results.  Here is
what happens against mail.titan.net, which handles mail for nmap-dev:

./nmap --script SMTPcommands.nse -sV -p25 mail.titan.net

Starting Nmap 4.62 ( http://nmap.org ) at 2008-05-19 20:41 PDT
Interesting ports on mail.titan.net (64.13.134.2):
PORT   STATE SERVICE VERSION
25/tcp open  smtp    Postfix smtpd
|_ SMTP: HELP with errors or timeout.  Enable --script-trace to see what is happening.
Service Info: Host:  mail.titan.net

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.140 seconds

The problem is this part of the SMTP discussion:

HELP
502 Error: command not implemented

I'll try to put the old format back for "verbose" output and put some
other things in for "debug", but I am not sure when I will have time.

Maybe require two verbose options for the old output.  We don't want
to get too verbose for people even if they do specify -v.

Cheers,
-F

Attachment: SMTPcommands.nse
Description:


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault