PageRenderTime 42ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/nselib/imap.lua

https://github.com/prakashgamit/nmap
Lua | 280 lines | 150 code | 36 blank | 94 comment | 35 complexity | 21dab9a33738cec133e47ad725713990 MD5 | raw file
Possible License(s): BSD-3-Clause, GPL-2.0, LGPL-2.0, LGPL-2.1 
    

  1. ---
    2. 

  2. -- A library implementing a minor subset of the IMAP protocol, currently the
    3. 

  3. -- CAPABILITY, LOGIN and AUTHENTICATE functions. The library was initially
    4. 

  4. -- written by Brandon Enright and later extended and converted to OO-form by
    5. 

  5. -- Patrik Karlsson <patrik@cqure.net>
    6. 

  6. --
    7. 

  7. -- The library consists of a <code>Helper</code>, class which is the main
    8. 

  8. -- interface for script writers, and the <code>IMAP</code> class providing
    9. 

  9. -- all protocol-level functionality.
    10. 

  10. --
    11. 

  11. -- The following example illustrates the reommended use of the library:
    12. 

  12. -- <code>
    13. 

  13. -- 	local helper = imap.Helper:new(host, port)
    14. 

  14. --  helper:connect()
    15. 

  15. --  helper:login("user","password","PLAIN")
    16. 

  16. --  helper:close()
    17. 

  17. -- </code>
    18. 

  18. --
    19. 

  19. -- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html
    20. 

  20. -- @author = "Brandon Enright, Patrik Karlsson"
    21. 

  21. 

  22. -- Version 0.2
    23. 

  23. -- Revised 07/15/2011 - v0.2 - 	added the IMAP and Helper classes
    24. 

  24. --								added support for LOGIN and AUTHENTICATE
    25. 

  25. --								<patrik@cqure.net>
    26. 

  26. 

  27. local base64 = require "base64"
    28. 

  28. local comm = require "comm"
    29. 

  29. local sasl = require "sasl"
    30. 

  30. local stdnse = require "stdnse"
    31. 

  31. local table = require "table"
    32. 

  32. _ENV = stdnse.module("imap", stdnse.seeall)
    33. 

  33. 

  34. 

  35. IMAP = {
    36. 

  36. 	
    37. 

  37. 	--- Creates a new instance of the IMAP class
    38. 

  38. 	--
    39. 

  39. 	-- @param host table as received by the script action method
    40. 

  40. 	-- @param port table as received by the script action method
    41. 

  41. 	-- @param options table containing options, currently
    42. 

  42. 	--		<code>timeout<code> - 	number containing the seconds to wait for
    43. 

  43. 	--								a response
    44. 

  44. 	new = function(self, host, port, options)
    45. 

  45. 		local o = { 
    46. 

  46. 				host = host,
    47. 

  47. 				port = port,
    48. 

  48. 				counter = 1, 
    49. 

  49. 				timeout = ( options and options.timeout ) or 10000 
    50. 

  50. 		}
    51. 

  51.        	setmetatable(o, self)
    52. 

  52.         self.__index = self
    53. 

  53. 		return o
    54. 

  54. 	end,
    55. 

  55. 	
    56. 

  56. 	--- Receives a response from the IMAP server
    57. 

  57. 	--
    58. 

  58. 	-- @return status true on success, false on failure
    59. 

  59. 	-- @return data string containing the received data
    60. 

  60. 	receive = function(self)
    61. 

  61. 		local data = ""
    62. 

  62. 		repeat
    63. 

  63. 			local status, tmp = self.socket:receive_buf("\r\n", false)
    64. 

  64. 			if( not(status) ) then return false, tmp end
    65. 

  65. 			data = data .. tmp
    66. 

  66. 		until( tmp:match(("^A%04d"):format(self.counter - 1)) or tmp:match("^%+"))
    67. 

  67. 		
    68. 

  68. 		return true, data
    69. 

  69. 	end,
    70. 

  70. 	
    71. 

  71. 	--- Sends a request to the IMAP server
    72. 

  72. 	--
    73. 

  73. 	-- @param cmd string containing the command to send to the server eg.
    74. 

  74. 	--            eg. (AUTHENTICATE, LOGIN)
    75. 

  75. 	-- @param params string containing the command parameters
    76. 

  76. 	-- @return true on success, false on failure
    77. 

  77. 	-- @return err string containing the error if status was false
    78. 

  78. 	send = function(self, cmd, params)
    79. 

  79. 		local data
    80. 

  80. 		if ( not(params) ) then
    81. 

  81. 			data = ("A%04d %s\r\n"):format(self.counter, cmd)
    82. 

  82. 		else
    83. 

  83. 			data = ("A%04d %s %s\r\n"):format(self.counter, cmd, params)
    84. 

  84. 		end
    85. 

  85. 		local status, err = self.socket:send(data)
    86. 

  86. 		if ( not(status) ) then return false, err end
    87. 

  87. 		self.counter = self.counter + 1
    88. 

  88. 		return true
    89. 

  89. 	end,
    90. 

  90. 	
    91. 

  91. 	--- Connect to the server
    92. 

  92. 	--
    93. 

  93. 	-- @return status true on success, false on failure
    94. 

  94. 	-- @return banner string containing the server banner
    95. 

  95. 	connect = function(self)
    96. 

  96. 		local socket, banner, opt = comm.tryssl( self.host, self.port, "", { recv_before = true } )
    97. 

  97. 		if ( not(socket) ) then return false, "ERROR: Failed to connect to server" end
    98. 

  98. 		socket:set_timeout(self.timeout)
    99. 

  99. 		if ( not(socket) or not(banner) ) then return false, "ERROR: Failed to connect to server" end
    100. 

  100. 		self.socket = socket
    101. 

  101. 		return true, banner
    102. 

  102. 	end,
    103. 

  103. 		
    104. 

  104. 	--- Authenticate to the server (non PLAIN text mode)
    105. 

  105. 	-- Currently supported algorithms are CRAM-MD5 and CRAM-SHA1
    106. 

  106. 	--
    107. 

  107. 	-- @param username string containing the username
    108. 

  108. 	-- @param pass string containing the password
    109. 

  109. 	-- @param mech string containing a authentication mechanism, currently
    110. 

  110. 	--				CRAM-MD5 or CRAM-SHA1
    111. 

  111. 	-- @return status true if login was successful, false on failure
    112. 

  112. 	-- @return err string containing the error message if status was false
    113. 

  113. 	authenticate = function(self, username, pass, mech)
    114. 

  114. 		assert( mech == "NTLM" or
    115. 

  115. 				mech == "DIGEST-MD5" or
    116. 

  116. 				mech == "CRAM-MD5" or 
    117. 

  117. 				mech == "PLAIN",
    118. 

  118. 				"Unsupported authentication mechanism")
    119. 

  119. 		
    120. 

  120. 		local status, err = self:send("AUTHENTICATE", mech)
    121. 

  121. 

  122. 		if( not(status) ) then return false, "ERROR: Failed to send data" end
    123. 

  123. 

  124. 		local status, data = self:receive()
    125. 

  125. 		if( not(status) ) then return false, "ERROR: Failed to receive challenge" end
    126. 

  126. 		
    127. 

  127. 		if ( mech == "NTLM" ) then
    128. 

  128. 			-- sniffed of the wire, seems to always be the same
    129. 

  129. 			-- decodes to some NTLMSSP blob greatness
    130. 

  130. 			status, data = self.socket:send("TlRMTVNTUAABAAAAB7IIogYABgA3AAAADwAPACgAAAAFASgKAAAAD0FCVVNFLUFJUi5MT0NBTERPTUFJTg==\r\n")
    131. 

  131. 			if ( not(status) ) then return false, "ERROR: Failed to send NTLM packet" end
    132. 

  132. 			status, data = self:receive()
    133. 

  133. 			if ( not(status) ) then return false, "ERROR: Failed to receieve NTLM challenge" end 
    134. 

  134. 		end
    135. 

  135. 		
    136. 

  136. 		if ( data:match(("^A%04d "):format(self.counter-1)) ) then
    137. 

  137. 			return false, "ERROR: Authentication mechanism not supported"
    138. 

  138. 		end
    139. 

  139. 

  140. 		local digest, auth_data
    141. 

  141. 		if ( not(data:match("^+")) ) then
    142. 

  142. 			return false, "ERROR: Failed to receive proper response from server"
    143. 

  143. 		end
    144. 

  144. 		data = base64.dec(data:match("^+ (.*)"))
    145. 

  145. 		
    146. 

  146. 		-- All mechanisms expect username and pass
    147. 

  147. 		-- add the otheronce for those who need them
    148. 

  148. 		local mech_params = { username, pass, data, "imap" }
    149. 

  149. 		auth_data = sasl.Helper:new(mech):encode(table.unpack(mech_params))
    150. 

  150. 		auth_data = base64.enc(auth_data) .. "\r\n"
    151. 

  151. 			
    152. 

  152. 		status, data = self.socket:send(auth_data)
    153. 

  153. 		if( not(status) ) then return false, "ERROR: Failed to send data" end
    154. 

  154. 

  155. 		status, data = self:receive()
    156. 

  156. 		if( not(status) ) then return false, "ERROR: Failed to receive data" end
    157. 

  157. 	
    158. 

  158. 		if ( mech == "DIGEST-MD5" ) then
    159. 

  159. 			local rspauth = data:match("^+ (.*)")
    160. 

  160. 			if ( rspauth ) then
    161. 

  161. 				rspauth = base64.dec(rspauth)
    162. 

  162. 				status, data = self.socket:send("\r\n")
    163. 

  163. 				status, data = self:receive()
    164. 

  164. 			end
    165. 

  165. 		end
    166. 

  166. 		if ( data:match(("^A%04d OK"):format(self.counter - 1)) ) then
    167. 

  167. 			return true
    168. 

  168. 		end
    169. 

  169. 		return false, "Login failed"
    170. 

  170. 	end,
    171. 

  171. 	
    172. 

  172. 	--- Login to the server using PLAIN text authentication
    173. 

  173. 	--
    174. 

  174. 	-- @param username string containing the username
    175. 

  175. 	-- @param password string containing the password
    176. 

  176. 	-- @return status true on success, false on failure
    177. 

  177. 	-- @return err string containing the error message if status was false
    178. 

  178. 	login = function(self, username, password)
    179. 

  179. 		local status, err = self:send("LOGIN", ("\"%s\" \"%s\""):format(username, password))
    180. 

  180. 		if( not(status) ) then return false, "ERROR: Failed to send data" end
    181. 

  181. 		
    182. 

  182. 		local status, data = self:receive()
    183. 

  183. 		if( not(status) ) then return false, "ERROR: Failed to receive data" end
    184. 

  184. 			
    185. 

  185. 		if ( data:match(("^A%04d OK"):format(self.counter - 1)) ) then
    186. 

  186. 			return true
    187. 

  187. 		end
    188. 

  188. 		return false, "Login failed"
    189. 

  189. 	end,
    190. 

  190. 	
    191. 

  191. 	--- Retrieves a list of server capabilities (eg. supported authentication
    192. 

  192. 	--  mechanisms, QUOTA, UIDPLUS, ACL ...)
    193. 

  193. 	--
    194. 

  194. 	-- @return status true on success, false on failure
    195. 

  195. 	-- @return capas array containing the capabilities that are supported
    196. 

  196. 	capabilities = function(self)
    197. 

  197. 		local capas = {}
    198. 

  198. 		local proto = (self.port.version and self.port.version.service_tunnel == "ssl" and "ssl") or "tcp"
    199. 

  199. 		local status, err = self:send("CAPABILITY")
    200. 

  200. 		if( not(status) ) then return false, err end
    201. 

  201. 	   
    202. 

  202. 		local status, line = self:receive()
    203. 

  203. 		if (not(status)) then
    204. 

  204. 			capas.CAPABILITY = false
    205. 

  205. 		else 
    206. 

  206. 			while status do
    207. 

  207. 				if ( line:match("^%*%s+CAPABILITY") ) then
    208. 

  208. 		    		line = line:gsub("^%*%s+CAPABILITY", "")
    209. 

  209. 					for capability in line:gmatch("[%w%+=-]+") do
    210. 

  210. 						capas[capability] = true
    211. 

  211. 	            	end
    212. 

  212. 	            	break
    213. 

  213. 				end
    214. 

  214. 				status, line = self.socket:receive()
    215. 

  215. 			end
    216. 

  216. 	   end
    217. 

  217. 	   return true, capas
    218. 

  218. 	end,
    219. 

  219. 	
    220. 

  220. 	--- Closes the connection to the IMAP server
    221. 

  221. 	-- @return true on success, false on failure
    222. 

  222. 	close = function(self) return self.socket:close() end
    223. 

  223. 	
    224. 

  224. }
    225. 

  225. 

  226. 

  227. -- The helper class, that servers as interface to script writers
    228. 

  228. Helper = {
    229. 

  229. 	
    230. 

  230. 	-- @param host table as received by the script action method
    231. 

  231. 	-- @param port table as received by the script action method
    232. 

  232. 	-- @param options table containing options, currently
    233. 

  233. 	--		<code>timeout<code> - 	number containing the seconds to wait for
    234. 

  234. 	--								a response
    235. 

  235. 	new = function(self, host, port, options)
    236. 

  236. 		local o = { client = IMAP:new( host, port, options ) }
    237. 

  237.        	setmetatable(o, self)
    238. 

  238.         self.__index = self
    239. 

  239. 		return o
    240. 

  240. 	end,
    241. 

  241. 	
    242. 

  242. 	--- Connects to the IMAP server
    243. 

  243. 	-- @return status true on success, false on failure
    244. 

  244. 	connect = function(self)
    245. 

  245. 		return self.client:connect()
    246. 

  246. 	end,
    247. 

  247. 	
    248. 

  248. 	--- Login to the server using eithe plain-text or using the authentication
    249. 

  249. 	-- mechanism provided in the mech argument.
    250. 

  250. 	--
    251. 

  251. 	-- @param username string containing the username
    252. 

  252. 	-- @param password string containing the password
    253. 

  253. 	-- @param mech [optional] containing the authentication mechanism to use
    254. 

  254. 	-- @return status true on success, false on failure
    255. 

  255. 	login = function(self, username, password, mech)
    256. 

  256. 		if ( not(mech) or mech == "LOGIN" ) then
    257. 

  257. 			return self.client:login(username, password)
    258. 

  258. 		else
    259. 

  259. 			return self.client:authenticate(username, password, mech)
    260. 

  260. 		end
    261. 

  261. 	end,
    262. 

  262. 	
    263. 

  263. 	--- Retrieves a list of server capabilities (eg. supported authentication
    264. 

  264. 	--  mechanisms, QUOTA, UIDPLUS, ACL ...)
    265. 

  265. 	--
    266. 

  266. 	-- @return status true on success, false on failure
    267. 

  267. 	-- @return capas array containing the capabilities that are supported
    268. 

  268. 	capabilities = function(self)
    269. 

  269. 		return self.client:capabilities()
    270. 

  270. 	end,
    271. 

  271. 	
    272. 

  272. 	--- Closes the connection to the IMAP server
    273. 

  273. 	-- @return true on success, false on failure
    274. 

  274. 	close = function(self)
    275. 

  275. 		return self.client:close()
    276. 

  276. 	end,
    277. 

  277. 	
    278. 

  278. }
    279. 

  279. 

  280. return _ENV;
    281. 

  281.