PageRenderTime 159ms CodeModel.GetById 28ms RepoModel.GetById 0ms app.codeStats 0ms

/nselib/pop3.lua

https://gitlab.com/g10h4ck/nmap-gsoc2015
Lua | 233 lines | 130 code | 50 blank | 53 comment | 22 complexity | 93ab1b346f256afb8c73848043c387ad MD5 | raw file
Possible License(s): BSD-3-Clause, GPL-2.0, Apache-2.0, LGPL-2.0, LGPL-2.1, MIT 
    

  1. ---
    2. 

  2. -- POP3 functions.
    3. 

  3. --
    4. 

  4. -- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html
    5. 

  5. 

  6. local base64 = require "base64"
    7. 

  7. local comm = require "comm"
    8. 

  8. local stdnse = require "stdnse"
    9. 

  9. local string = require "string"
    10. 

  10. local table = require "table"
    11. 

  11. _ENV = stdnse.module("pop3", stdnse.seeall)
    12. 

  12. 

  13. local HAVE_SSL, openssl = pcall(require,'openssl')
    14. 

  14. 

  15. 

  16. err = {
    17. 

  17.   none = 0,
    18. 

  18.   userError = 1,
    19. 

  19.   pwError = 2,
    20. 

  20.   informationMissing = 3,
    21. 

  21.   OpenSSLMissing = 4,
    22. 

  22. }
    23. 

  23. 

  24. ---
    25. 

  25. -- Check a POP3 response for <code>"+OK"</code>.
    26. 

  26. -- @param line First line returned from an POP3 request.
    27. 

  27. -- @return The string <code>"+OK"</code> if found or <code>nil</code> otherwise.
    28. 

  28. function stat(line)
    29. 

  29.   return string.match(line, "+OK")
    30. 

  30. end
    31. 

  31. 

  32. 

  33. 

  34. ---
    35. 

  35. -- Try to log in using the <code>USER</code>/<code>PASS</code> commands.
    36. 

  36. -- @param socket Socket connected to POP3 server.
    37. 

  37. -- @param user User string.
    38. 

  38. -- @param pw Password string.
    39. 

  39. -- @return Status (true or false).
    40. 

  40. -- @return Error code if status is false.
    41. 

  41. function login_user(socket, user, pw)
    42. 

  42.   socket:send("USER " .. user .. "\r\n")
    43. 

  43.   local status, line = socket:receive_lines(1)
    44. 

  44.   if not stat(line) then return false, err.user_error end
    45. 

  45.   socket:send("PASS " .. pw .. "\r\n")
    46. 

  46. 

  47.   status, line = socket:receive_lines(1)
    48. 

  48. 

  49.   if stat(line) then return true, err.none
    50. 

  50.   else return false, err.pwError
    51. 

  51.   end
    52. 

  52. end
    53. 

  53. 

  54. 

  55. ---
    56. 

  56. -- Try to login using the the <code>AUTH</code> command using SASL/Plain method.
    57. 

  57. -- @param socket Socket connected to POP3 server.
    58. 

  58. -- @param user User string.
    59. 

  59. -- @param pw Password string.
    60. 

  60. -- @return Status (true or false).
    61. 

  61. -- @return Error code if status is false.
    62. 

  62. function login_sasl_plain(socket, user, pw)
    63. 

  63. 

  64.   local auth64 = base64.enc(user .. "\0" .. user .. "\0" .. pw)
    65. 

  65.   socket:send("AUTH PLAIN " .. auth64 .. "\r\n")
    66. 

  66. 

  67.   local status, line = socket:receive_lines(1)
    68. 

  68. 

  69.   if stat(line) then
    70. 

  70.     return true, err.none
    71. 

  71.   else
    72. 

  72.     return false, err.pwError
    73. 

  73.   end
    74. 

  74. end
    75. 

  75. 

  76. ---
    77. 

  77. -- Try to login using the <code>AUTH</code> command using SASL/Login method.
    78. 

  78. -- @param user User string.
    79. 

  79. -- @param pw Password string.
    80. 

  80. -- @param pw String containing password to login.
    81. 

  81. -- @return Status (true or false).
    82. 

  82. -- @return Error code if status is false.
    83. 

  83. function login_sasl_login(socket, user, pw)
    84. 

  84. 

  85.   local user64 = base64.enc(user)
    86. 

  86. 

  87.   local pw64 = base64.enc(pw)
    88. 

  88. 

  89.   socket:send("AUTH LOGIN\r\n")
    90. 

  90. 

  91.   local status, line = socket:receive_lines(1)
    92. 

  92.   if not base64.dec(string.sub(line, 3)) == "User Name:" then
    93. 

  93.     return false, err.userError
    94. 

  94.   end
    95. 

  95. 

  96.   socket:send(user64)
    97. 

  97. 

  98.   local status, line = socket:receive_lines(1)
    99. 

  99. 

  100.   if not base64.dec(string.sub(line, 3)) == "Password:" then
    101. 

  101.     return false, err.userError
    102. 

  102.   end
    103. 

  103. 

  104.   socket:send(pw64)
    105. 

  105. 

  106.   local status, line = socket:receive_lines(1)
    107. 

  107. 

  108.   if stat(line) then
    109. 

  109.     return true, err.none
    110. 

  110.   else
    111. 

  111.     return false, err.pwError
    112. 

  112.   end
    113. 

  113. end
    114. 

  114. 

  115. ---
    116. 

  116. -- Try to login using the <code>APOP</code> command.
    117. 

  117. -- @param socket Socket connected to POP3 server.
    118. 

  118. -- @param user User string.
    119. 

  119. -- @param pw Password string.
    120. 

  120. -- @param challenge String containing challenge from POP3 server greeting.
    121. 

  121. -- @return Status (true or false).
    122. 

  122. -- @return Error code if status is false.
    123. 

  123. function login_apop(socket, user, pw, challenge)
    124. 

  124.   if type(challenge) ~= "string" then return false, err.informationMissing end
    125. 

  125. 

  126.   local apStr = stdnse.tohex(openssl.md5(challenge .. pw))
    127. 

  127.   socket:send(("APOP %s %s\r\n"):format(user, apStr))
    128. 

  128. 

  129.   local status, line = socket:receive_lines(1)
    130. 

  130. 

  131.   if (stat(line)) then
    132. 

  132.     return true, err.none
    133. 

  133.   else
    134. 

  134.     return false, err.pwError
    135. 

  135.   end
    136. 

  136. end
    137. 

  137. 

  138. ---
    139. 

  139. -- Asks a POP3 server for capabilities.
    140. 

  140. --
    141. 

  141. -- See RFC 2449.
    142. 

  142. -- @param host Host to be queried.
    143. 

  143. -- @param port Port to connect to.
    144. 

  144. -- @return Table containing capabilities or nil on error.
    145. 

  145. -- @return nil or String error message.
    146. 

  146. function capabilities(host, port)
    147. 

  147. 

  148.   local socket, line, bopt, first_line = comm.tryssl(host, port, "" , {request_timeout=10000, recv_before=true})
    149. 

  149.   if not socket then
    150. 

  150.     return nil, "Could Not Connect"
    151. 

  151.   end
    152. 

  152.   if not stat(first_line) then
    153. 

  153.     return nil, "No Response"
    154. 

  154.   end
    155. 

  155. 

  156.   local capas = {}
    157. 

  157.   if string.find(first_line, "<[%p%w]+>") then
    158. 

  158.     capas.APOP = {}
    159. 

  159.   end
    160. 

  160. 

  161.   local status = socket:send("CAPA\r\n")
    162. 

  162.   if( not(status) ) then
    163. 

  163.     return nil, "Failed to send"
    164. 

  164.   end
    165. 

  165. 

  166.   status, line = socket:receive_buf("%.", false)
    167. 

  167.   if( not(status) ) then
    168. 

  168.     return nil, "Failed to receive"
    169. 

  169.   end
    170. 

  170.   socket:close()
    171. 

  171. 

  172.   local lines = stdnse.strsplit("\r\n",line)
    173. 

  173.   if not stat(table.remove(lines,1)) then
    174. 

  174.     capas.capa = false
    175. 

  175.     return capas
    176. 

  176.   end
    177. 

  177. 

  178.   for _, line in ipairs(lines) do
    179. 

  179.     if ( line and #line>0 ) then
    180. 

  180.       local capability = line:sub(line:find("[%w-]+"))
    181. 

  181.       line = line:sub(#capability + 2)
    182. 

  182.       if ( line ~= "" ) then
    183. 

  183.         capas[capability] = stdnse.strsplit(" ", line)
    184. 

  184.       else
    185. 

  185.         capas[capability] = {}
    186. 

  186.       end
    187. 

  187.     end
    188. 

  188.   end
    189. 

  189. 

  190.   return capas
    191. 

  191. end
    192. 

  192. 

  193. ---
    194. 

  194. -- Try to login using the <code>AUTH</code> command using SASL/CRAM-MD5 method.
    195. 

  195. -- @param socket Socket connected to POP3 server.
    196. 

  196. -- @param user User string.
    197. 

  197. -- @param pw Password string.
    198. 

  198. -- @return Status (true or false).
    199. 

  199. -- @return Error code if status is false.
    200. 

  200. function login_sasl_crammd5(socket, user, pw)
    201. 

  201. 

  202.   socket:send("AUTH CRAM-MD5\r\n")
    203. 

  203. 

  204.   local status, line = socket:receive_lines(1)
    205. 

  205. 

  206.   local challenge = base64.dec(string.sub(line, 3))
    207. 

  207. 

  208.   local digest = stdnse.tohex(openssl.hmac('md5', pw, challenge))
    209. 

  209.   local authStr = base64.enc(user .. " " .. digest)
    210. 

  210.   socket:send(authStr .. "\r\n")
    211. 

  211. 

  212.   local status, line = socket:receive_lines(1)
    213. 

  213. 

  214.   if stat(line) then
    215. 

  215.     return true, err.none
    216. 

  216.   else
    217. 

  217.     return false, err.pwError
    218. 

  218.   end
    219. 

  219. end
    220. 

  220. 

  221. -- Overwrite functions requiring OpenSSL if we got no OpenSSL.
    222. 

  222. if not HAVE_SSL then
    223. 

  223. 

  224.   local no_ssl = function()
    225. 

  225.     return false, err.OpenSSLMissing
    226. 

  226.   end
    227. 

  227. 

  228.   login_apop = no_ssl
    229. 

  229.   login_sasl_crammd5 = no_ssl
    230. 

  230. end
    231. 

  231. 

  232. 

  233. return _ENV;
    234. 

  234.