403Webshell
Server IP : 101.53.144.229  /  Your IP : 216.73.216.181
Web Server : Apache
System : Linux host.gdigitalindia.in 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : digitalshiksha ( 1179)
PHP Version : 5.6.40
Disable Function : eval,show_source,system,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,show_source,curl_multi_exechellcmd, ini_restore,apache_get_modules,get_cfg_var,passthru, exec ,proc_get_status,fpassthru,c999_buff_prepare,c999_sess_put,c99_buff_prepare,c99_sess_put,proc_close,ini_alter,dl,symlink,link,proc_close,ini_alter,dl,symlink,link,mail
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /usr/share/nmap/scripts/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /usr/share/nmap/scripts/pop3-brute.nse
local brute = require "brute"
local comm = require "comm"
local nmap = require "nmap"
local pop3 = require "pop3"
local shortport = require "shortport"
local string = require "string"

description = [[
Tries to log into a POP3 account by guessing usernames and passwords.
]]

---
-- @args pop3loginmethod The login method to use: <code>"USER"</code>
-- (default), <code>"SASL-PLAIN"</code>, <code>"SASL-LOGIN"</code>,
-- <code>"SASL-CRAM-MD5"</code>, or <code>"APOP"</code>. Defaults to <code>"USER"</code>,
--
-- @output
-- PORT    STATE SERVICE
-- 110/tcp open  pop3
-- | pop3-brute-ported:
-- | Accounts:
-- |  user:pass => Login correct
-- | Statistics:
-- |_ Performed 8 scans in 1 seconds, average tps: 8

author = "Philip Pickering, Piotr Olma"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

categories = {"intrusive", "brute"}

Driver = {
  new = function(self, host, port, login_function, is_apop)
    local o = {}
    setmetatable(o, self)
    self.__index = self
    o.port = port
    o.host = host
    o.login_function = login_function
    o.is_apop = is_apop
    return o
  end,

  -- Attempts to connect to the POP server
  -- @return true on success
  -- @return false, brute.Error object on failure
  connect = function(self)

    self.socket = nmap.new_socket()
    local opts = {timeout=10000, recv_before=true}
    local best_opt, line, _
    self.socket, _, best_opt, line = comm.tryssl(self.host, self.port, "" , opts)

    if not self.socket then
      local err = brute.Error:new("Failed to connect.")
      err:setAbort(true)
      return false, err
    end --no connection
    if not pop3.stat(line) then
      local err = brute.Error:new("Failed to make a pop-connection.")
      err:setAbort(true)
      return false, err
    end -- no pop-connection

    if self.is_apop then
      self.additional = string.match(line, "<[%p%w]+>") --apop challenge
    end
    return true
  end, --connect

  -- Attempts to login to the POP server
  --
  -- @param username string containing the login username
  -- @param password string containing the login password
  -- @return status, true on success, false on failure
  -- @return brute.Error object on failure
  --         brute.Account object on success
  login = function(self, username, password)
    local pstatus
    local perror
    pstatus, perror = self.login_function(self.socket, username, password, self.additional)
    if pstatus then
      return true, brute.Account:new(username, password, "OPEN")
    elseif (perror == pop3.err.pwError) then
      return false, brute.Error:new("Wrong password.")
    elseif (perror == pop3.err.userError) then
      return false, brute.Error:new("Wrong username.")
    end
    return false, brute.Error:new("Login failed.")
  end, --login

  disconnect = function(self)
    self.socket:close()
  end, --disconnect

  check = function(self)
    return true
  end, --check
}

portrule = shortport.port_or_service({110, 995}, {"pop3","pop3s"})

action = function(host, port)
  local pMeth = nmap.registry.args.pop3loginmethod
  if (not pMeth) then pMeth = nmap.registry.pop3loginmethod end
  if (not pMeth) then pMeth = "USER" end

  --determine function we will use to login to server
  local is_apop = false
  local login_function
  if (pMeth == "USER") then
    login_function = pop3.login_user
  elseif (pMeth == "SASL-PLAIN") then
    login_function = pop3.login_sasl_plain
  elseif (pMeth == "SASL-LOGIN") then
    login_function = pop3.login_sasl_login
  elseif (pMeth == "SASL-CRAM-MD5") then
    login_function = pop3.login_sasl_crammd5
  elseif (pMeth == "APOP") then
    login_function = pop3.login_apop
    is_apop = true
  else
    login_function = pop3.login_user
  end

  local engine = brute.Engine:new(Driver, host, port, login_function, is_apop)
  engine.options.script_name = SCRIPT_NAME
  local status, accounts = engine:start()
  return accounts
end

Youez - 2016 - github.com/yon3zu
LinuXploit