Hi,
I added a check for the Microsoft AUTH relaying bypass.
If someone spots a problem please let me know.
Index: smtp_relay.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/smtp_relay.nasl,v
retrieving revision 1.14
diff -r1.14 smtp_relay.nasl
83,86c83,104
< if(i == "250 "){
< security_warning(port);
< set_kb_item(name:"SMTP/spam", value:TRUE);
< }
---
> if(i == "250 ")
> {
> security_warning(port);
> set_kb_item(name:"SMTP/spam", value:TRUE);
> }
> else
> {
> crp = string("AUTH NTLM <etc, etc>\r\n");
> send(socket:soc, data:crp);
> i = recv_line(socket:soc, length:4);
> if (i == "334 ")
> {
> crp = string("RCPT TO: test_2@nessus.org\r\n");
> send(socket:soc, data:crp);
> i = recv_line(socket:soc, length:4);
> if(i == "250 ")
> {
> security_warning(port);
> set_kb_item(name:"SMTP/spam", value:TRUE);
> }
> }
> }
Thanks
Noam Rathaus
CTO
Beyond Security Ltd
http://www.SecurITeam.com
http://www.BeyondSecurity.com
I added a check for the Microsoft AUTH relaying bypass.
If someone spots a problem please let me know.
Index: smtp_relay.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/smtp_relay.nasl,v
retrieving revision 1.14
diff -r1.14 smtp_relay.nasl
83,86c83,104
< if(i == "250 "){
< security_warning(port);
< set_kb_item(name:"SMTP/spam", value:TRUE);
< }
---
> if(i == "250 ")
> {
> security_warning(port);
> set_kb_item(name:"SMTP/spam", value:TRUE);
> }
> else
> {
> crp = string("AUTH NTLM <etc, etc>\r\n");
> send(socket:soc, data:crp);
> i = recv_line(socket:soc, length:4);
> if (i == "334 ")
> {
> crp = string("RCPT TO: test_2@nessus.org\r\n");
> send(socket:soc, data:crp);
> i = recv_line(socket:soc, length:4);
> if(i == "250 ")
> {
> security_warning(port);
> set_kb_item(name:"SMTP/spam", value:TRUE);
> }
> }
> }
Thanks
Noam Rathaus
CTO
Beyond Security Ltd
http://www.SecurITeam.com
http://www.BeyondSecurity.com