Documentation
¶
Overview ¶
Package pop3 provides a zgrab2 module that scans for POP3 mail servers. Default Port: 110 (TCP)
The --send-help and --send-noop flags tell the scanner to send a HELP or NOOP command and read the response.
The --pop3s flag tells the scanner to perform a TLS handshake immediately after connecting, before even attempting to read the banner. The --starttls flag tells the scanner to send the STLS command, and then negotiate a TLS connection. The scanner uses the standard TLS flags for the handshake. --pop3s and --starttls are mutually exclusive. --pop3s does not change the default port number from 110, so it should usually be coupled with e.g. --port 995.
The --send-quit flag tells the scanner to send a QUIT command before disconnecting.
So, if no flags are specified, the scanner simply reads the banner returned by the server and disconnects.
The output contains the banner and the responses to any commands that were sent, and if or --pop3s --starttls were set, the standard TLS logs.
Index ¶
- func RegisterModule()
- func VerifyPOP3Contents(banner string) zgrab2.ScanStatus
- type Connection
- type Flags
- type Module
- type ScanResults
- type Scanner
- func (scanner *Scanner) GetName() string
- func (scanner *Scanner) GetTrigger() string
- func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error
- func (scanner *Scanner) InitPerSender(senderID int) error
- func (scanner *Scanner) Protocol() string
- func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func VerifyPOP3Contents ¶ added in v0.1.8
func VerifyPOP3Contents(banner string) zgrab2.ScanStatus
Check the contents of the POP3 header and return a relevant ScanStatus
Types ¶
type Connection ¶
Connection wraps the state and access to the SMTP connection.
func (*Connection) ReadResponse ¶
func (conn *Connection) ReadResponse() (string, error)
ReadResponse reads from the connection until it matches the pop3EndRegex. Copied from the original zgrab. TODO: Catch corner cases
func (*Connection) SendCommand ¶
func (conn *Connection) SendCommand(cmd string) (string, error)
SendCommand sends a command, followed by a CRLF, then wait for / read the server's response.
type Flags ¶
type Flags struct {
zgrab2.BaseFlags
zgrab2.TLSFlags
// SendHELP indicates that the client should send the HELP command.
SendHELP bool `long:"send-help" description:"Send the HELP command"`
// SendNOOP indicates that the NOOP command should be sent.
SendNOOP bool `long:"send-noop" description:"Send the NOOP command before closing."`
// SendQUIT indicates that the QUIT command should be sent.
SendQUIT bool `long:"send-quit" description:"Send the QUIT command before closing."`
// POP3Secure indicates that the client should do a TLS handshake immediately after connecting.
POP3Secure bool `long:"pop3s" description:"Immediately negotiate a TLS connection"`
// StartTLS indicates that the client should attempt to update the connection to TLS.
StartTLS bool `long:"starttls" description:"Send STLS before negotiating"`
// Verbose indicates that there should be more verbose logging.
Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"`
}
Flags holds the command-line configuration for the POP3 scan module. Populated by the framework.
type Module ¶
type Module struct {
}
Module implements the zgrab2.Module interface.
func (*Module) Description ¶ added in v0.1.3
Description returns an overview of this module.
func (*Module) NewFlags ¶
func (module *Module) NewFlags() interface{}
NewFlags returns a default Flags object.
func (*Module) NewScanner ¶
NewScanner returns a new Scanner instance.
type ScanResults ¶
type ScanResults struct {
// Banner is the string sent by the server immediately after connecting.
Banner string `json:"banner,omitempty"`
// NOOP is the server's response to the NOOP command, if one is sent.
NOOP string `json:"noop,omitempty"`
// HELP is the server's response to the HELP command, if it is sent.
HELP string `json:"help,omitempty"`
// StartTLS is the server's response to the STARTTLS command, if it is sent.
StartTLS string `json:"starttls,omitempty"`
// QUIT is the server's response to the QUIT command, if it is sent.
QUIT string `json:"quit,omitempty"`
// TLSLog is the standard TLS log, if --starttls or --pop3s is enabled.
TLSLog *zgrab2.TLSLog `json:"tls,omitempty"`
}
ScanResults instances are returned by the module's Scan function.
type Scanner ¶
type Scanner struct {
// contains filtered or unexported fields
}
Scanner implements the zgrab2.Scanner interface.
func (*Scanner) GetTrigger ¶
GetTrigger returns the Trigger defined in the Flags.
func (*Scanner) InitPerSender ¶
InitPerSender initializes the scanner for a given sender.
func (*Scanner) Scan ¶
func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)
Scan performs the POP3 scan.
- Open a TCP connection to the target port (default 110).
- If --pop3s is set, perform a TLS handshake using the command-line flags.
- Read the banner.
- If --send-help is sent, send HELP, read the result.
- If --send-noop is sent, send NOOP, read the result.
- If --starttls is sent, send STLS, read the result, negotiate a TLS connection using the command-line flags.
- If --send-quit is sent, send QUIT and read the result.
- Close the connection.
Source Files