imap

package
v0.1.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 10, 2023 License: Apache-2.0, ISC Imports: 8 Imported by: 0

Documentation

Overview

Package imap provides a zgrab2 module that scans for IMAP mail servers. Default Port: 143 (TCP)

The --imaps flag tells the scanner to perform a TLS handshake immediately after connecting, before even attempting to read the banner. The --starttls flag tells the scanner to send the STARTTLS command and then negotiate a TLS connection. The scanner uses the standard TLS flags for the handshake. --imaps and --starttls are mutually exclusive. --imaps does not change the default port number from 143, so it should usually be coupled with e.g. --port 993.

The --send-close flag tells the scanner to send a CLOSE command before disconnecting.

So, if no flags are specified, the scanner simply reads the banner returned by the server and disconnects.

The output contains the banner and the responses to any commands that were sent, and if or --imaps --starttls were set, the standard TLS logs.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterModule 

func RegisterModule()

RegisterModule registers the zgrab2 module.

func VerifyIMAPContents 

func VerifyIMAPContents(banner string) zgrab2.ScanStatus

Check the contents of the IMAP banner and return a relevant ScanStatus

Types

type Connection 

type Connection struct {
	Conn net.Conn
}

Connection wraps the state and access to the SMTP connection.

func (*Connection) ReadResponse 

func (conn *Connection) ReadResponse() (string, error)

ReadResponse reads from the connection until it matches the imapEndRegex. Copied from the original zgrab. TODO: Catch corner cases

func (*Connection) SendCommand 

func (conn *Connection) SendCommand(cmd string) (string, error)

SendCommand sends a command, followed by a CRLF, then wait for / read the server's response.

type Flags 

type Flags struct {
	zgrab2.BaseFlags
	zgrab2.TLSFlags

	// SendCLOSE indicates that the CLOSE command should be sent.
	SendCLOSE bool `long:"send-close" description:"Send the CLOSE command before closing."`

	// IMAPSecure indicates that the client should do a TLS handshake immediately after connecting.
	IMAPSecure bool `long:"imaps" description:"Immediately negotiate a TLS connection"`

	// StartTLS indicates that the client should attempt to update the connection to TLS.
	StartTLS bool `long:"starttls" description:"Send STLS before negotiating"`

	// Verbose indicates that there should be more verbose logging.
	Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"`
}

Flags holds the command-line configuration for the IMAP scan module. Populated by the framework.

func (*Flags) Help 

func (flags *Flags) Help() string

Help returns the module's help string.

func (*Flags) Validate 

func (flags *Flags) Validate(args []string) error

Validate checks that the flags are valid. On success, returns nil. On failure, returns an error instance describing the error.

type Module 

type Module struct {
}

Module implements the zgrab2.Module interface.

func (*Module) Description 

func (module *Module) Description() string

Description returns an overview of this module.

func (*Module) NewFlags 

func (module *Module) NewFlags() interface{}

NewFlags returns a default Flags object.

func (*Module) NewScanner 

func (module *Module) NewScanner() zgrab2.Scanner

NewScanner returns a new Scanner instance.

type ScanResults 

type ScanResults struct {
	// Banner is the string sent by the server immediately after connecting.
	Banner string `json:"banner,omitempty"`

	// StartTLS is the server's response to the STARTTLS command, if it is sent.
	StartTLS string `json:"starttls,omitempty"`

	// CLOSE is the server's response to the CLOSE command, if it is sent.
	CLOSE string `json:"close,omitempty"`

	// TLSLog is the standard TLS log, if --starttls or --imaps is enabled.
	TLSLog *zgrab2.TLSLog `json:"tls,omitempty"`
}

ScanResults instances are returned by the module's Scan function.

type Scanner 

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner implements the zgrab2.Scanner interface.

func (*Scanner) GetName 

func (scanner *Scanner) GetName() string

GetName returns the Scanner name defined in the Flags.

func (*Scanner) GetTrigger 

func (scanner *Scanner) GetTrigger() string

GetTrigger returns the Trigger defined in the Flags.

func (*Scanner) Init 

func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error

Init initializes the Scanner.

func (*Scanner) InitPerSender 

func (scanner *Scanner) InitPerSender(senderID int) error

InitPerSender initializes the scanner for a given sender.

func (*Scanner) Protocol 

func (scanner *Scanner) Protocol() string

Protocol returns the protocol identifier of the scan.

func (*Scanner) Scan 

func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)

Scan performs the IMAP scan.

  1. Open a TCP connection to the target port (default 143).
  2. If --imaps is set, perform a TLS handshake using the command-line flags.
  3. Read the banner.
  4. If --starttls is sent, send a001 STARTTLS, read the result, negotiate a TLS connection using the command-line flags.
  5. If --send-close is sent, send a001 CLOSE and read the result.
  6. Close the connection.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.