smtp

package
v0.0.0-...-5d1382d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 29, 2023 License: Apache-2.0, ISC Imports: 9 Imported by: 0

Documentation

Overview

Package smtp provides a zgrab2 module that scans for SMTP mail servers. Default Port: 25 (TCP)

The --smtps command tells the scanner to wrap the entire connection in a TLS session.

The --send-ehlo and --send-helo flags tell the scanner to first send the EHLO/HELO command; if a --ehlo-domain or --helo-domain is present that domain will be used, otherwise it is omitted. The EHLO and HELO flags are mutually exclusive.

The --send-help flag tells the scanner to send a HELP command.

The --starttls flag tells the scanner to send the STARTTLS command, and then negotiate a TLS connection. The scanner uses the standard TLS flags for the handshake.

The --send-quit flag tells the scanner to send a QUIT command.

So, if no flags are specified, the scanner simply reads the banner returned by the server and disconnects.

The output contains the banner and the responses to any commands that were sent, and if --starttls or --smtps was sent, the standard TLS logs.

Index

Constants

This section is empty.

Variables

View Source
var ErrInvalidResponse = zgrab2.NewScanError(zgrab2.SCAN_PROTOCOL_ERROR, errors.New("Invalid response for SMTP"))

ErrInvalidResponse is returned when the server returns an invalid or unexpected response.

Functions

func RegisterModule

func RegisterModule()

RegisterModule registers the zgrab2 module.

func VerifySMTPContents

func VerifySMTPContents(banner string) (zgrab2.ScanStatus, int)

Verify that an SMTP code was returned, and that it is a successful one! Return code on SCAN_APPLICATION_ERROR for better info

Types

type Connection

type Connection struct {
	Conn net.Conn
}

Connection wraps the state and access to the SMTP connection.

func (*Connection) ReadResponse

func (conn *Connection) ReadResponse() (string, error)

ReadResponse reads from the connection until it matches the smtpEndRegex. Copied from the original zgrab. TODO: Catch corner cases

func (*Connection) SendCommand

func (conn *Connection) SendCommand(cmd string) (string, error)

SendCommand sends a command, followed by a CRLF, then wait for / read the server's response.

type Flags

type Flags struct {
	zgrab2.BaseFlags
	zgrab2.TLSFlags

	// SendEHLO indicates that the EHLO command should be set.
	SendEHLO bool `long:"send-ehlo" description:"Send the EHLO command; use --ehlo-domain to set a domain."`

	// SendHELO indicates that the HELO command should be set.
	SendHELO bool `long:"send-helo" description:"Send the EHLO command; use --helo-domain to set a domain."`

	// SendHELP indicates that the client should send the HELP command (after HELO/EHLO).
	SendHELP bool `long:"send-help" description:"Send the HELP command"`

	// SendQUIT indicates that the QUIT command should be set.
	SendQUIT bool `long:"send-quit" description:"Send the QUIT command before closing."`

	// HELODomain is the domain the client should send in the HELO command.
	HELODomain string `long:"helo-domain" description:"Set the domain to use with the HELO command. Implies --send-helo."`

	// EHLODomain is the domain the client should send in the HELO command.
	EHLODomain string `long:"ehlo-domain" description:"Set the domain to use with the EHLO command. Implies --send-ehlo."`

	// SMTPSecure indicates that the entire transaction should be wrapped in a TLS session.
	SMTPSecure bool `long:"smtps" description:"Perform a TLS handshake immediately upon connecting."`

	// StartTLS indicates that the client should attempt to update the connection to TLS.
	StartTLS bool `long:"starttls" description:"Send STARTTLS before negotiating"`

	// Verbose indicates that there should be more verbose logging.
	Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"`
}

Flags holds the command-line configuration for the HTTP scan module. Populated by the framework.

func (*Flags) Help

func (flags *Flags) Help() string

Help returns the module's help string.

func (*Flags) Validate

func (flags *Flags) Validate(args []string) error

Validate checks that the flags are valid. On success, returns nil. On failure, returns an error instance describing the error.

type Module

type Module struct {
}

Module implements the zgrab2.Module interface.

func (*Module) Description

func (module *Module) Description() string

Description returns an overview of this module.

func (*Module) NewFlags

func (module *Module) NewFlags() interface{}

NewFlags returns a default Flags object.

func (*Module) NewScanner

func (module *Module) NewScanner() zgrab2.Scanner

NewScanner returns a new Scanner instance.

type ScanResults

type ScanResults struct {
	// Banner is the string sent by the server immediately after connecting.
	Banner string `json:"banner,omitempty"`

	// HELO is the server's response to the HELO command, if one is sent.
	HELO string `json:"helo,omitempty"`

	// EHLO is the server's response to the EHLO command, if one is sent.
	EHLO string `json:"ehlo,omitempty"`

	// HELP is the server's response to the HELP command, if it is sent.
	HELP string `json:"help,omitempty"`

	// StartTLS is the server's response to the STARTTLS command, if it is sent.
	StartTLS string `json:"starttls,omitempty"`

	// QUIT is the server's response to the QUIT command, if it is sent.
	QUIT string `json:"quit,omitempty"`

	// ImplicitTLS is true if the connection was wrapped in TLS, as opposed
	// to using StartTls
	ImplicitTLS bool `json:"implicit_tls,omitempty"`

	// TLSLog is the standard TLS log, if STARTTLS is sent.
	TLSLog *zgrab2.TLSLog `json:"tls,omitempty"`
}

ScanResults instances are returned by the module's Scan function.

type Scanner

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner implements the zgrab2.Scanner interface.

func (*Scanner) GetName

func (scanner *Scanner) GetName() string

GetName returns the Scanner name defined in the Flags.

func (*Scanner) GetTrigger

func (scanner *Scanner) GetTrigger() string

GetTrigger returns the Trigger defined in the Flags.

func (*Scanner) Init

func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error

Init initializes the Scanner.

func (*Scanner) InitPerSender

func (scanner *Scanner) InitPerSender(senderID int) error

InitPerSender initializes the scanner for a given sender.

func (*Scanner) Protocol

func (scanner *Scanner) Protocol() string

Protocol returns the protocol identifier of the scan.

func (*Scanner) Scan

func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)

Scan performs the SMTP scan.

  1. Open a TCP connection to the target port (default 25).
  2. If --smtps is set, perform a TLS handshake.
  3. Read the banner.
  4. If --send-ehlo or --send-helo is sent, send the corresponding EHLO or HELO command.
  5. If --send-help is sent, send HELP, read the result.
  6. If --starttls is sent, send STARTTLS, read the result, negotiate a TLS connection.
  7. If --send-quit is sent, send QUIT and read the result.
  8. Close the connection.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL