Documentation ¶
Overview ¶
Package smtp provides a zgrab2 module that scans for SMTP mail servers. Default Port: 25 (TCP)
The --smtps command tells the scanner to wrap the entire connection in a TLS session.
The --send-ehlo and --send-helo flags tell the scanner to first send the EHLO/HELO command; if a --ehlo-domain or --helo-domain is present that domain will be used, otherwise it is omitted. The EHLO and HELO flags are mutually exclusive.
The --send-help flag tells the scanner to send a HELP command.
The --starttls flag tells the scanner to send the STARTTLS command, and then negotiate a TLS connection. The scanner uses the standard TLS flags for the handshake.
The --send-quit flag tells the scanner to send a QUIT command.
So, if no flags are specified, the scanner simply reads the banner returned by the server and disconnects.
The output contains the banner and the responses to any commands that were sent, and if --starttls or --smtps was sent, the standard TLS logs.
Index ¶
- Variables
- func RegisterModule()
- func VerifySMTPContents(banner string) (zgrab2.ScanStatus, int)
- type Connection
- type Flags
- type Module
- type ScanResults
- type Scanner
- func (scanner *Scanner) GetName() string
- func (scanner *Scanner) GetTrigger() string
- func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error
- func (scanner *Scanner) InitPerSender(senderID int) error
- func (scanner *Scanner) Protocol() string
- func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidResponse = zgrab2.NewScanError(zgrab2.SCAN_PROTOCOL_ERROR, errors.New("Invalid response for SMTP"))
ErrInvalidResponse is returned when the server returns an invalid or unexpected response.
Functions ¶
func VerifySMTPContents ¶
func VerifySMTPContents(banner string) (zgrab2.ScanStatus, int)
Verify that an SMTP code was returned, and that it is a successful one! Return code on SCAN_APPLICATION_ERROR for better info
Types ¶
type Connection ¶
Connection wraps the state and access to the SMTP connection.
func (*Connection) ReadResponse ¶
func (conn *Connection) ReadResponse() (string, error)
ReadResponse reads from the connection until it matches the smtpEndRegex. Copied from the original zgrab. TODO: Catch corner cases
func (*Connection) SendCommand ¶
func (conn *Connection) SendCommand(cmd string) (string, error)
SendCommand sends a command, followed by a CRLF, then wait for / read the server's response.
type Flags ¶
type Flags struct { zgrab2.BaseFlags zgrab2.TLSFlags // SendEHLO indicates that the EHLO command should be set. SendEHLO bool `long:"send-ehlo" description:"Send the EHLO command; use --ehlo-domain to set a domain."` // SendHELO indicates that the HELO command should be set. SendHELO bool `long:"send-helo" description:"Send the HELO command; use --helo-domain to set a domain."` // SendHELP indicates that the client should send the HELP command (after HELO/EHLO). SendHELP bool `long:"send-help" description:"Send the HELP command"` // SendQUIT indicates that the QUIT command should be set. SendQUIT bool `long:"send-quit" description:"Send the QUIT command before closing."` // HELODomain is the domain the client should send in the HELO command. HELODomain string `long:"helo-domain" description:"Set the domain to use with the HELO command. Implies --send-helo."` // EHLODomain is the domain the client should send in the EHLO command. EHLODomain string `long:"ehlo-domain" description:"Set the domain to use with the EHLO command. Implies --send-ehlo."` // SMTPSecure indicates that the entire transaction should be wrapped in a TLS session. SMTPSecure bool `long:"smtps" description:"Perform a TLS handshake immediately upon connecting."` // StartTLS indicates that the client should attempt to update the connection to TLS. StartTLS bool `long:"starttls" description:"Send STARTTLS before negotiating"` // Verbose indicates that there should be more verbose logging. Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` }
Flags holds the command-line configuration for the HTTP scan module. Populated by the framework.
type Module ¶
type Module struct { }
Module implements the zgrab2.Module interface.
func (*Module) Description ¶
Description returns an overview of this module.
func (*Module) NewFlags ¶
func (module *Module) NewFlags() interface{}
NewFlags returns a default Flags object.
func (*Module) NewScanner ¶
NewScanner returns a new Scanner instance.
type ScanResults ¶
type ScanResults struct { // Banner is the string sent by the server immediately after connecting. Banner string `json:"banner,omitempty"` // HELO is the server's response to the HELO command, if one is sent. HELO string `json:"helo,omitempty"` // EHLO is the server's response to the EHLO command, if one is sent. EHLO string `json:"ehlo,omitempty"` // HELP is the server's response to the HELP command, if it is sent. HELP string `json:"help,omitempty"` // StartTLS is the server's response to the STARTTLS command, if it is sent. StartTLS string `json:"starttls,omitempty"` // QUIT is the server's response to the QUIT command, if it is sent. QUIT string `json:"quit,omitempty"` // ImplicitTLS is true if the connection was wrapped in TLS, as opposed // to using StartTls ImplicitTLS bool `json:"implicit_tls,omitempty"` // TLSLog is the standard TLS log, if STARTTLS is sent. TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` }
ScanResults instances are returned by the module's Scan function.
type Scanner ¶
type Scanner struct {
// contains filtered or unexported fields
}
Scanner implements the zgrab2.Scanner interface.
func (*Scanner) GetTrigger ¶
GetTrigger returns the Trigger defined in the Flags.
func (*Scanner) InitPerSender ¶
InitPerSender initializes the scanner for a given sender.
func (*Scanner) Scan ¶
func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)
Scan performs the SMTP scan.
- Open a TCP connection to the target port (default 25).
- If --smtps is set, perform a TLS handshake.
- Read the banner.
- If --send-ehlo or --send-helo is sent, send the corresponding EHLO or HELO command.
- If --send-help is sent, send HELP, read the result.
- If --starttls is sent, send STARTTLS, read the result, negotiate a TLS connection.
- If --send-quit is sent, send QUIT and read the result.
- Close the connection.