WebApp Sec mailing list archives

WMAT - Web Mail Auth Tool


From: "Ivan Markovic" <ivanm () security-net biz>
Date: Wed, 18 Feb 2009 23:05:22 +0100

Hello everyone, 

After the successful DFF Scanner project
(http://www.owasp.org/index.php/Phoenix/Tools), I'm happy to introduce a new
tool from NSS (http://netsec.rs): WMAT.

WMAT is a Web Mail Auth Tool that provides some essential functions for testing
web mail logins, written in Python with the support of pyCurl.

How does it work? It is very simple: you give WMAT a file with usernames, a file
with passwords, and the URL of the web mail app, and choose a pattern for the attack.

Patterns are XML files that define the POST/GET fields, HTTP method, referer,
success tag, etc. for each web mail application.

For now I have patterns for Horde, SquirrelMail, Kerio and MDaemon web mail.


XML files are like this: 

--- horde.wmat.xml --- 
<?xml version='1.0' encoding='UTF-8'?> 
<data> 
<username>horde_user</username> 
<password>horde_pass</password> 
<action_url>login.php</action_url> 
<success>sidebar.php</success> 
<method>post</method> 
<useragent></useragent> 
<referer></referer> 
<additional_fields></additional_fields> 
<author>ivan.markovic () netsec rs</author> 
</data> 
----------------------- 

I need some help from the community with these patterns. In each pattern I expect
an author field as a sign of gratitude.

There are some more options, like setting a timeout (time between each
request), a bell on success, and an option for writing output to a file.

The readme file is here: http://security-net.biz/wmat/readme.txt

This is the first version, and I plan to implement more options, like:
- using a proxy 
- special addon for generation of usernames/passwords 
- automatic recognizer of web app 
- ... 

You can download WMAT from this URL: http://security-net.biz/wmat/wmat.zip
or see wmat.py here: http://security-net.biz/wmat/wmat.py.txt


Please give some comments, ideas/requests, bug reports, ... 


Thanks, 
Ivan Markovic 
Network Security Solutions
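
From the defender's side, the request shape described in the post (repeated requests to a pattern's action_url with its method, separated by a fixed delay) can be looked for in web server access logs. The following is an added example, not part of the original post or of WMAT; the log lines, addresses, thresholds and function names are constructed assumptions, and only the login-relevant fields of the quoted horde pattern are reproduced.

```python
import re
import statistics
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime

# Login-relevant fields of the horde pattern quoted in the post.
PATTERN = b"""<?xml version='1.0' encoding='UTF-8'?>
<data><action_url>login.php</action_url><success>sidebar.php</success>
<method>post</method></data>"""

# Constructed access-log lines (documentation IP ranges, invented timestamps).
FMT = '%s - - [18/Feb/2009:23:10:%02d +0100] "%s /horde/%s HTTP/1.1" 200 512'
LOG = "\n".join(
    [FMT % ("203.0.113.7", s, "POST", "login.php") for s in range(0, 12, 2)]
    + [FMT % ("192.0.2.50", s, "POST", "login.php") for s in (0, 7, 31, 33, 58)]
    + [FMT % ("198.51.100.20", 41, "POST", "login.php"),
       FMT % ("198.51.100.20", 42, "GET", "sidebar.php")])

LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" \d{3}')

def login_signature(pattern_xml):
    """Return (HTTP method, login path) that a pattern file tells the tool to hit."""
    root = ET.fromstring(pattern_xml)
    return root.findtext("method").strip().upper(), root.findtext("action_url").strip()

def suspicious_sources(log_text, pattern_xml, min_attempts=5, max_jitter=1.0):
    """Flag clients sending many login requests at a near-constant interval."""
    method, action = login_signature(pattern_xml)
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected log format
        ip, ts, verb, path = m.groups()
        if verb == method and path.split("?")[0].endswith("/" + action):
            seen[ip].append(datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"))
    flagged = {}
    for ip, stamps in seen.items():
        if len(stamps) < min_attempts:
            continue  # too few login requests to judge
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        # A scripted run with a fixed delay shows almost no spread in its gaps.
        if statistics.pstdev(gaps) <= max_jitter:
            flagged[ip] = (len(stamps), statistics.mean(gaps))
    return flagged

if __name__ == "__main__":
    print(suspicious_sources(LOG, PATTERN))
```

The regular-interval check is only one signal; a source that varies its delay still shows up in a plain per-source count of requests to the login path.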



