Re: Discovering users by RCPT TO
From: Martin Fallon (mar_fallon_at_yahoo.com.br)
Date: 01/13/05
- Previous message: Chris Buechler: "Re: Discovering users by RCPT TO"
- In reply to: GuidoZ: "Re: Discovering users by RCPT TO"
- Next in thread: Kiril Todorov: "Re: Discovering users by RCPT TO"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 13 Jan 2005 15:26:33 -0300 (ART) To: pen-test@securityfocus.com
Hello!
This is not new.
There are many programs that execute smtp
command RCPT TO to get valid counts:
http://packetstormsecurity.org/UNIX/misc/rcpt-analisys.tgz
http://cdm.frontthescene.com.br/ferramentas/torque-v0.3.tar.gz
In some servers, you have to edit previous commands
"HELO/EHLO/MAIL FROM" to have sucess.
Best Regards,
Martin Fallon.
--- GuidoZ <uberguidoz@gmail.com> escreveu:
> [snip]
> > Testing for Open Relay, I realized that the server
> answers different to
> > existing users and non-existing users, when trying
> to deliver mails using
> > RCPT TO:
>
> Interesting. It wouldn't be hard to make a Perl
> script (or other) that
> logs into the SMTP server, then runs through a list
> of predefined
> users to test and see if they have an account. I
> would call it
> information disclosure for sure.
>
> As for how to fix it, I don't know that you can.
> It's part of the
> protocol to answer to RCPT TO. What version of
> Sendmail? In the more
> recent versions, you can alter the text that is
> displayed there...
> maybe change it all to something like "I'll try that
> address" for
> both.
>
> --
> Peace. ~G
>
>
> On Wed, 12 Jan 2005 20:42:04 +0000, Andres Molinetti
> <andymolinetti@hotmail.com> wrote:
> > I'm currently over a pen-test and I have found
> that their SMTP Server
> > (SendMail) does not have VRFY or EXPN methods
> available, which was the most
> > probably thing to happen taking into account the
> server has been through
> > some hardening before.
> >
> > Testing for Open Relay, I realized that the server
> answers different to
> > existing users and non-existing users, when trying
> to deliver mails using
> > RCPT TO:
> >
> > E.g:
> >
> > rcpt to: asdfasdf@domain
> > 550 5.1.1 asdfasdf@domain... User unknown
> > rcpt to: bin@domain
> > 250 2.1.5 bin@domain... Recipient ok
> > rcpt to: nobody@domain
> > 250 2.1.5 nobody@domain... Recipient ok
> > rcpt to: oper@domain
> > 550 5.1.1 oper@domain... User unknown
> > rcpt to: root@domain
> > 250 2.1.5 root@domain... Recipient ok
> >
> > Is this ok or is it information disclousure? Is
> there any way to fix it? It
> > is Sendmail...
> >
> > Thanks in advance,
> >
> > Andres Molinetti
> > CISSP
> >
> >
>
_________________________________________________________________
> > Acepta el reto MSN Premium: Protección para tus
> hijos en internet.
> > Descárgalo y pruébalo 2 meses gratis.
> >
>
http://join.msn.com?XAPID=1697&DI=1055&HL=Footer_mailsenviados_proteccioninfantil
> >
> >
>
=====
Sem caminhos pra seguir, na incerteza de chegar,
quem decide por partir, soh pensa em procurar,
um futuro com alguem, nao importa o que passou,
jah nem se lembra mais, quer eh recomecar!
(Quimera - Extinta Banda Zero)
__________________________________________________
Converse com seus amigos em tempo real com o Yahoo! Messenger
http://br.download.yahoo.com/messenger/
- Previous message: Chris Buechler: "Re: Discovering users by RCPT TO"
- In reply to: GuidoZ: "Re: Discovering users by RCPT TO"
- Next in thread: Kiril Todorov: "Re: Discovering users by RCPT TO"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
