Re: updated smtp-commands nse script

[David Fifield <david () bamsoftware com>]

On Tue, Mar 30, 2010 at 05:24:53PM -0500, DePriest, Jason R. wrote:
> On Tue, Mar 30, 2010 at 5:21 PM, Duarte Silva <> wrote:
> > On Tue, Mar 30, 2010 at 9:07 PM, DePriest, Jason R.
> > > On Tue, Mar 30, 2010 at 1:41 PM, DePriest, Jason R. <> wrote:
> > > > -- 1.7.1.0 - 2010-03-29
> > > > -- + It was getting an unknown response from the email servers and
> > > > --   providing no output.  This is because the initial command it
> > > > --   sends to check for connectivity doesn't produce anything.
> > > > --   I changed it from '\n' to 'HELO example.org\r\n'
> > > > -- + added 'smtps' to the triggers for this script to run
> > > >
> > > > I only tested it against an box running a version of Exchange.
> > > >
> > > > If there are any issues with other mail servers, just let me know.
> > > Thanks, David.
> > >
> > > Forgot the attachment.
> >
> > I have a suggestion to make, where the script performs
> >
> > > socket = comm.tryssl(host, port, "HELO example.org\r\n", opt)
> >
> > Change it to EHLO instead of HELO and remove the following lines that
> > send and verify the HELO command because they are redundant. Take a
> > look at smtp-open-relay or smtp-enum-users to have a better idea on
> > how to perform the initial *handshake* of SMTP.
>
> This was just a quick fix to make it work at all.
>
> I will look at those other scripts and try to rework this one altogether.

The way smtp-commands works with tryssl is kind of strange. It looks
like it began in r13976 when tryssl was introduced to the script. If you
can make this script work like the other smtp scripts in this regard it
would be good. I'm going to go ahead and commit the portrule change.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/