Module: Msf::Exploit::Remote::Smtp
- Includes:
- Tcp
- Defined in:
- lib/msf/core/exploit/remote/smtp.rb
Overview
This module exposes methods that may be useful to exploits that deal with servers that speak the SMTP protocol.
Instance Attribute Summary collapse
-
#banner ⇒ Object
protected
This attribute holds the banner that was read in after a successful call to connect or connect_login.
Attributes included from Tcp
Instance Method Summary collapse
-
#connect(global = true) ⇒ Object
This method establishes a SMTP connection to host and port specified by the RHOST and RPORT options, respectively.
-
#connect_login(global = true) ⇒ Object
Connect to the remote SMTP server, and begin a DATA transfer.
-
#initialize(info = {}) ⇒ Object
Creates an instance of an SMTP exploit module.
-
#raw_send_recv(cmd, nsock = self.sock) ⇒ Object
This method transmits an IMAP command and waits for a response.
Methods included from Tcp
#chost, #cleanup, #connect_timeout, #cport, #disconnect, #handler, #lhost, #lport, #peer, #print_prefix, #proxies, #rhost, #rport, #set_tcp_evasions, #shutdown, #ssl, #ssl_cipher, #ssl_verify_mode, #ssl_version
Instance Attribute Details
#banner ⇒ Object (protected)
This attribute holds the banner that was read in after a successful call to connect or connect_login.
76 77 78 |
# File 'lib/msf/core/exploit/remote/smtp.rb', line 76 def @banner end |
Instance Method Details
#connect(global = true) ⇒ Object
This method establishes a SMTP connection to host and port specified by the RHOST and RPORT options, respectively. After connecting, the banner message is read in and stored in the ‘banner’ attribute.
38 39 40 41 42 43 44 45 |
# File 'lib/msf/core/exploit/remote/smtp.rb', line 38 def connect(global = true) fd = super # Wait for a banner to arrive... self. = fd.get_once(-1, 30) # Return the file descriptor to the caller fd end |
#connect_login(global = true) ⇒ Object
Connect to the remote SMTP server, and begin a DATA transfer
50 51 52 53 54 55 56 57 58 59 |
# File 'lib/msf/core/exploit/remote/smtp.rb', line 50 def connect_login(global = true) smtpsock = connect(global) raw_send_recv("EHLO X\r\n") raw_send_recv("MAIL FROM: #{datastore['MAILFROM']}\r\n") raw_send_recv("RCPT TO: #{datastore['MAILTO']}\r\n") raw_send_recv("DATA\r\n") return true end |
#initialize(info = {}) ⇒ Object
Creates an instance of an SMTP exploit module.
18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'lib/msf/core/exploit/remote/smtp.rb', line 18 def initialize(info = {}) super # Register the options that all SMTP exploits may make use of. ( [ Opt::RHOST, Opt::RPORT(25), OptString.new('MAILFROM', [ true, 'FROM address of the e-mail', 'sender@example.com']), OptString.new('MAILTO', [ true, 'TO address of the e-mail', 'target@example.com']), ], Msf::Exploit::Remote::Smtp) register_autofilter_ports([ 25, 465, 587, 2525, 25025, 25000]) register_autofilter_services(%W{ smtp smtps}) end |
#raw_send_recv(cmd, nsock = self.sock) ⇒ Object
This method transmits an IMAP command and waits for a response. If one is received, it is returned to the caller.
65 66 67 68 |
# File 'lib/msf/core/exploit/remote/smtp.rb', line 65 def raw_send_recv(cmd, nsock = self.sock) nsock.put(cmd) nsock.get_once end |