Hello!
This is not new.
There are many programs that execute smtp
command RCPT TO to get valid counts:
http://packetstormsecurity.org/UNIX/misc/rcpt-analisys.tgz
http://cdm.frontthescene.com.br/ferramentas/torque-v0.3.tar.gz
In some servers, you have to edit previous commands
"HELO/EHLO/MAIL FROM" to have sucess.
Best Regards,
Martin Fallon.
--- GuidoZ <uberguidoz@gmail.com> escreveu:
[snip]
Testing for Open Relay, I realized that the server
answers different to
existing users and non-existing users, when trying
to deliver mails using
RCPT TO:
Interesting. It wouldn't be hard to make a Perl
script (or other) that
logs into the SMTP server, then runs through a list
of predefined
users to test and see if they have an account. I
would call it
information disclosure for sure.
As for how to fix it, I don't know that you can.
It's part of the
protocol to answer to RCPT TO. What version of
Sendmail? In the more
recent versions, you can alter the text that is
displayed there...
maybe change it all to something like "I'll try that
address" for
both.
--
Peace. ~G
On Wed, 12 Jan 2005 20:42:04 +0000, Andres Molinetti
<andymolinetti@hotmail.com> wrote:
I'm currently over a pen-test and I have found
that their SMTP Server
(SendMail) does not have VRFY or EXPN methods
available, which was the most
probably thing to happen taking into account the
server has been through
some hardening before.
Testing for Open Relay, I realized that the server
answers different to
existing users and non-existing users, when trying
to deliver mails using
RCPT TO:
E.g:
rcpt to: asdfasdf@domain
550 5.1.1 asdfasdf@domain... User unknown
rcpt to: bin@domain
250 2.1.5 bin@domain... Recipient ok
rcpt to: nobody@domain
250 2.1.5 nobody@domain... Recipient ok
rcpt to: oper@domain
550 5.1.1 oper@domain... User unknown
rcpt to: root@domain
250 2.1.5 root@domain... Recipient ok
Is this ok or is it information disclousure? Is
there any way to fix it? It
is Sendmail...
Thanks in advance,
Andres Molinetti
CISSP
_________________________________________________________________
Acepta el reto MSN Premium: Protección para tus
hijos en internet.
Descárgalo y pruébalo 2 meses gratis.
http://join.msn.com?XAPID=1697&DI=1055&HL=Footer_mailsenviados_proteccioninfantil
=====
Sem caminhos pra seguir, na incerteza de chegar,
quem decide por partir, soh pensa em procurar,
um futuro com alguem, nao importa o que passou,
jah nem se lembra mais, quer eh recomecar!
(Quimera - Extinta Banda Zero)
__________________________________________________
Converse com seus amigos em tempo real com o Yahoo! Messenger
http://br.download.yahoo.com/messenger/
