Path: blob/master/modules/auxiliary/fuzzers/smtp/smtp_fuzzer.rb
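##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

##
# A very simple module to fuzz some SMTP commands.
# It can either respect the SMTP command order (send the prerequisite
# commands first) or send the fuzzed command directly on a fresh connection.
##

# Auxiliary scanner module that sends SMTP commands whose argument is a
# generated string that grows by one character per iteration, and reports
# when the service stops accepting connections.
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::Smtp
  include Msf::Auxiliary::Fuzzer
  include Msf::Auxiliary::Scanner

  # Registers the module metadata and the fuzzer options.
  #
  # Options registered here:
  # * STARTLEN     - length of the first generated string.
  # * INTERACTIONS - number of iterations; the string grows by one each time.
  # * RESPECTORDER - when true, prerequisite SMTP commands are sent first.
  # * CMD          - which command carries the generated string.
  def initialize
    super(
      'Name' => 'SMTP Simple Fuzzer',
      'Description' => 'SMTP Simple Fuzzer',
      'References' =>
        [
          ['URL', 'http://www.ietf.org/rfc/rfc2821.txt'],
        ],
      'Author' => 'justme',
      'License' => MSF_LICENSE
    )

    # NOTE(review): the trailing 'EHLO' after the enum list is passed as a
    # fifth positional attribute; confirm how OptEnum interprets it.
    register_options([
      Opt::RPORT(25),
      OptInt.new("STARTLEN", [true, "Length of the string - start number", 100]),
      OptInt.new("INTERACTIONS", [false, "Number of interactions to run", 100]),
      OptBool.new("RESPECTORDER", [false, "Respect order of commands", true]),
      OptEnum.new("CMD", [true, "Command to fuzzer", 'EHLO',
        [
          'EHLO',
          'HELO',
          'MAILFROM',
          'RCPTTO',
          'DATA',
          'VRFY',
          'EXPN'
        ], 'EHLO'])
    ])
  end

  # Sends one raw SMTP line and stores the reply.
  #
  # Side effects: sets @connected, @result (the raw reply, possibly nil) and
  # @coderesult (the first three characters of the reply).
  #
  # @param data [String] raw bytes to write to the socket
  # @param con [Boolean] when true, open a new connection before sending
  # @return [void] errors are printed, never raised
  def smtp_send(data = '', con = true)
    @result = ''
    @coderesult = ''
    if con
      # Cleared first so that a failing connect leaves @connected false;
      # run_host uses that flag to decide whether the service is still up.
      @connected = false
      connect
    end
    @connected = true
    sock.put(data)
    @result = sock.get_once

    # Report a missing reply explicitly instead of failing on nil[0..2].
    print_error('No response received from the server') if @result.nil?

    # Fixed: the original assigned the misspelled @codresult, so @coderesult
    # always stayed empty.
    @coderesult = @result.to_s[0..2]
  rescue ::Exception => e
    # NOTE(review): rescuing ::Exception also catches ::Interrupt, so the
    # Interrupt handler in run_host is not reached for an interrupt raised
    # during a send. Confirm whether that is intended.
    print_error(e.to_s)
  end

  # Runs the fuzzing loop against a single host.
  #
  # Each iteration generates a string one character longer than the previous
  # one, sends it with the selected command, and stops as soon as a
  # connection can no longer be established.
  #
  # @param ip [String] target address supplied by the Scanner mixin (not
  #   read directly here)
  # @return [void]
  def run_host(ip)
    last_str = nil
    # Only set by exceptions raised outside smtp_send, which rescues its own
    # errors; it is therefore often nil in the messages below.
    last_err = nil

    cmd = datastore['CMD']
    cnt = datastore['STARTLEN'] - 1

    1.upto(datastore['INTERACTIONS']) do |interaction|
      cnt += 1
      str = fuzzer_gen_string(cnt)

      begin
        send_fuzz_case(cmd, str)
        print_status("Fuzzing with iteration #{interaction}\n #{@result}")
      rescue ::Interrupt
        print_status("Exiting on interrupt: iteration #{interaction} using string #{str}")
        raise
      rescue ::Exception => e
        last_err = e
      end

      unless @connected
        # A failed connect is only a heuristic: it cannot tell a crashed
        # daemon apart from connection throttling or a network-level block.
        if last_str
          # Fixed: the original interpolated the undefined name `interection`,
          # which raised NameError exactly when a possible crash was detected.
          print_status("The service may have crashed: iteration:#{interaction - 1} String=''#{last_str}'' error=#{last_err}")
        else
          print_status("Could not connect to the service: #{last_err}")
        end
        return
      end

      last_str = str
    end
  end

  private

  # Sends one fuzz case (plus any prerequisite commands) and disconnects.
  #
  # With RESPECTORDER disabled the command is sent as-is on a new connection.
  # With it enabled, the commands that normally precede +cmd+ in an SMTP
  # session are sent first on the same connection.
  #
  # MAILFROM / MAILTO are read from the datastore but are not registered in
  # this file. They are presumably provided by Msf::Exploit::Remote::Smtp;
  # verify.
  #
  # @param cmd [String] value of the CMD option
  # @param str [String] generated string for this iteration
  # @return [void]
  def send_fuzz_case(cmd, str)
    unless datastore['RESPECTORDER']
      smtp_send("#{cmd} #{str}\r\n", true)
      disconnect
      return
    end

    case cmd
    when 'HELO', 'EHLO', 'VRFY', 'EXPN'
      smtp_send("#{cmd} #{str}\r\n", true)
      disconnect
    when 'MAILFROM'
      smtp_send("EHLO localhost\r\n", true)
      smtp_send("MAIL FROM:<#{str}>\r\n", false)
      disconnect
    when 'RCPTTO'
      smtp_send("EHLO localhost\r\n", true)
      smtp_send("MAIL FROM:<#{datastore['MAILFROM']}>\r\n", false)
      smtp_send("RCPT TO:<#{str}>\r\n", false)
      disconnect
    when 'DATA'
      smtp_send("EHLO localhost\r\n", true)
      smtp_send("MAIL FROM:<#{datastore['MAILFROM']}>\r\n", false)
      smtp_send("RCPT TO:<#{datastore['MAILTO']}>\r\n", false)
      smtp_send("DATA \r\n", false)
      smtp_send("#{str}\r\n.\r\n", false)
      disconnect
    end
  end
end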