Nmap Development mailing list archives
Re: Comments on smtp-open-relay and smtp-enum-users
From: Duarte Silva <duartejcsilva () gmail com>
Date: Tue, 16 Mar 2010 09:37:36 +0000
You have to add verbosity, if you do it will still print all the successful tests. With verbosity | smtp-open-relay: | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest () nmap scanme org"> | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest%nmap.scanme.org"> | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<nmap.scanme.org!relaytest> |_ Server seems to be an open relay Anyway I will try do add your suggestion since it also looks cleaner. I think something like this will suffice to cover all the suggestions made until now. - Without verbosity |_smtp-open-relay: Server is an open relay (3/16 tests) - With | smtp-open-relay: Server is an open relay (3/16 tests) | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest () nmap scanme org"> | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest%nmap.scanme.org"> |_ MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<nmap.scanme.org!relaytest> - When all tests fail (verbosity independent) |_smtp-open-relay: Server doesn't seem to be an open relay, all tests failed - or |_smtp-open-relay: Server isn't an open relay, authentication needed On Mon, Mar 15, 2010 at 11:29 PM, David Fifield <david () bamsoftware com> wrote:
On Sun, Mar 14, 2010 at 11:15:33AM +0000, Duarte Silva wrote:smtp-open-relay.nse looks like it's working as well, but I don't think the output is clear enough. It'd be nice to get a boolean message, saying "this server IS an open relay" or "x out of 5 tests passed, this server is likely [not] an open relay". That'd be helpful to me.The changes have been made to smtp-open-relay.nse. It is also now possible to specify which addresses to use in the tests. Default are antispam and relaytest respectively.Those changes look fine. I think it's a mistake, though, to remove the list of successful tests from the output. The output of the script was | smtp-open-relay: | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest () nmap scanme org"> | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest%nmap.scanme.org"> |_ MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<nmap.scanme.org!relaytest> With the patch it will be | smtp-open-relay: |_ Server seems to be an open relay, 3 successful test(s) May I suggest this? | smtp-open-relay: Server is an open relay (3/16 tests) | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest () nmap scanme org"> | MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<"relaytest%nmap.scanme.org"> |_ MAIL FROM:<antispam@[10.0.1.2]> -> RCPT TO:<nmap.scanme.org!relaytest> Putting the binary message on the same line as "smtp-open-relay" makes it easy to grep for. David Fifield
Attachment:
smtp-open-relay.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Comments on smtp-open-relay and smtp-enum-users Ron (Mar 12)
- Re: Comments on smtp-open-relay and smtp-enum-users Duarte Silva (Mar 14)
- Re: Comments on smtp-open-relay and smtp-enum-users David Fifield (Mar 15)
- Re: Comments on smtp-open-relay and smtp-enum-users Duarte Silva (Mar 16)
- Re: Comments on smtp-open-relay and smtp-enum-users David Fifield (Mar 16)
- Re: Comments on smtp-open-relay and smtp-enum-users Duarte Silva (Mar 16)
- Re: Comments on smtp-open-relay and smtp-enum-users Duarte Silva (Mar 21)
- Re: Comments on smtp-open-relay and smtp-enum-users David Fifield (Mar 21)
- Re: Comments on smtp-open-relay and smtp-enum-users David Fifield (Mar 15)
- Re: Comments on smtp-open-relay and smtp-enum-users Duarte Silva (Mar 14)