adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/SMTPDeliver.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

1361 lines
82 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::SMTPDeliver
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::SMTPDeliver";
relpath = '../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../_index.html">Index (S)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span>
&raquo;
<span class="title">SMTPDeliver</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::SMTPDeliver
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="Tcp.html" title="Msf::Exploit::Remote::Tcp (module)">Tcp</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/smtp_deliver.rb</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>This module exposes methods that may be useful to exploits that send email messages via SMTP.</p>
</div>
</div>
<div class="tags">
</div><h2>Defined Under Namespace</h2>
<p class="children">
<strong class="classes">Classes:</strong> <span class='object_link'><a href="SMTPDeliver/SMTPCommunicationError.html" title="Msf::Exploit::Remote::SMTPDeliver::SMTPCommunicationError (class)">SMTPCommunicationError</a></span>
</p>
<h2>Instance Attribute Summary <small><a href="#" class="summary_toggle">collapse</a></small></h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#banner-instance_method" title="#banner (instance method)">#<strong>banner</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>The banner received after the initial connection to the server.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="Tcp.html" title="Msf::Exploit::Remote::Tcp (module)">Tcp</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Tcp.html#sock-instance_method" title="Msf::Exploit::Remote::Tcp#sock (method)">#sock</a></span></p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#bad_address-instance_method" title="#bad_address (instance method)">#<strong>bad_address</strong>(address) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#connect-instance_method" title="#connect (instance method)">#<strong>connect</strong>(global = true) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Establish an SMTP connection to host and port specified by the RHOST and RPORT options, respectively.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#connect_ehlo-instance_method" title="#connect_ehlo (instance method)">#<strong>connect_ehlo</strong>(global = true, domain) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#connect_login-instance_method" title="#connect_login (instance method)">#<strong>connect_login</strong>(global = true) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Connect to the remote SMTP server, send EHLO, start TLS if the server asks for it, and authenticate if weve got creds (specified in <code>USERNAME</code> and <code>PASSWORD</code> datastore options).</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#connected%3F-instance_method" title="#connected? (instance method)">#<strong>connected?</strong> &#x21d2; Boolean </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#disconnect-instance_method" title="#disconnect (instance method)">#<strong>disconnect</strong>(nsock = self.sock) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#generate_ssl_context-instance_method" title="#generate_ssl_context (instance method)">#<strong>generate_ssl_context</strong>(security = :high) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Creates an instance of an exploit that delivers messages via SMTP.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_message-instance_method" title="#send_message (instance method)">#<strong>send_message</strong>(data) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends an email message, connecting to the server first if a connection is not already established.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#smtp_send_recv-instance_method" title="#smtp_send_recv (instance method)">#<strong>smtp_send_recv</strong>(cmd, nsock = self.sock) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Send and receive a single command using SMTP protocol allowing for response continuation.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#swap_sock_plain_to_ssl-instance_method" title="#swap_sock_plain_to_ssl (instance method)">#<strong>swap_sock_plain_to_ssl</strong>(nsock = self.sock, security = :high) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Create a new SSL session on the existing socket.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="Tcp.html" title="Msf::Exploit::Remote::Tcp (module)">Tcp</a></span></h3>
<p class="inherited"><span class='object_link'><a href="Tcp.html#chost-instance_method" title="Msf::Exploit::Remote::Tcp#chost (method)">#chost</a></span>, <span class='object_link'><a href="Tcp.html#cleanup-instance_method" title="Msf::Exploit::Remote::Tcp#cleanup (method)">#cleanup</a></span>, <span class='object_link'><a href="Tcp.html#connect_timeout-instance_method" title="Msf::Exploit::Remote::Tcp#connect_timeout (method)">#connect_timeout</a></span>, <span class='object_link'><a href="Tcp.html#cport-instance_method" title="Msf::Exploit::Remote::Tcp#cport (method)">#cport</a></span>, <span class='object_link'><a href="Tcp.html#handler-instance_method" title="Msf::Exploit::Remote::Tcp#handler (method)">#handler</a></span>, <span class='object_link'><a href="Tcp.html#lhost-instance_method" title="Msf::Exploit::Remote::Tcp#lhost (method)">#lhost</a></span>, <span class='object_link'><a href="Tcp.html#lport-instance_method" title="Msf::Exploit::Remote::Tcp#lport (method)">#lport</a></span>, <span class='object_link'><a href="Tcp.html#peer-instance_method" title="Msf::Exploit::Remote::Tcp#peer (method)">#peer</a></span>, <span class='object_link'><a href="Tcp.html#print_prefix-instance_method" title="Msf::Exploit::Remote::Tcp#print_prefix (method)">#print_prefix</a></span>, <span class='object_link'><a href="Tcp.html#proxies-instance_method" title="Msf::Exploit::Remote::Tcp#proxies (method)">#proxies</a></span>, <span class='object_link'><a href="Tcp.html#replicant-instance_method" title="Msf::Exploit::Remote::Tcp#replicant (method)">#replicant</a></span>, <span class='object_link'><a href="Tcp.html#rhost-instance_method" title="Msf::Exploit::Remote::Tcp#rhost (method)">#rhost</a></span>, <span class='object_link'><a href="Tcp.html#rport-instance_method" title="Msf::Exploit::Remote::Tcp#rport (method)">#rport</a></span>, <span class='object_link'><a href="Tcp.html#set_tcp_evasions-instance_method" title="Msf::Exploit::Remote::Tcp#set_tcp_evasions (method)">#set_tcp_evasions</a></span>, <span class='object_link'><a href="Tcp.html#shutdown-instance_method" title="Msf::Exploit::Remote::Tcp#shutdown (method)">#shutdown</a></span>, <span class='object_link'><a href="Tcp.html#ssl-instance_method" title="Msf::Exploit::Remote::Tcp#ssl (method)">#ssl</a></span>, <span class='object_link'><a href="Tcp.html#ssl_cipher-instance_method" title="Msf::Exploit::Remote::Tcp#ssl_cipher (method)">#ssl_cipher</a></span>, <span class='object_link'><a href="Tcp.html#ssl_verify_mode-instance_method" title="Msf::Exploit::Remote::Tcp#ssl_verify_mode (method)">#ssl_verify_mode</a></span>, <span class='object_link'><a href="Tcp.html#ssl_version-instance_method" title="Msf::Exploit::Remote::Tcp#ssl_version (method)">#ssl_version</a></span>, <span class='object_link'><a href="Tcp.html#sslkeylogfile-instance_method" title="Msf::Exploit::Remote::Tcp#sslkeylogfile (method)">#sslkeylogfile</a></span></p>
<div id="instance_attr_details" class="attr_details">
<h2>Instance Attribute Details</h2>
<span id="banner=-instance_method"></span>
<div class="method_details first">
<h3 class="signature first" id="banner-instance_method">
#<strong>banner</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>The banner received after the initial connection to the server. This should look something like:</p>
<pre class="code ruby"><code class="ruby">220 mx.google.com ESMTP s5sm3837150wak.12
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
282
283
284</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 282</span>
<span class='kw'>def</span> <span class='id identifier rubyid_banner'>banner</span>
<span class='ivar'>@banner</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="bad_address-instance_method">
#<strong>bad_address</strong>(address) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
153
154
155</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 153</span>
<span class='kw'>def</span> <span class='id identifier rubyid_bad_address'>bad_address</span><span class='lparen'>(</span><span class='id identifier rubyid_address'>address</span><span class='rparen'>)</span>
<span class='id identifier rubyid_address'>address</span><span class='period'>.</span><span class='id identifier rubyid_bytesize'>bytesize</span> <span class='op'>&gt;</span> <span class='int'>2048</span> <span class='op'>||</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>[\r\n]</span><span class='regexp_end'>/</span></span> <span class='op'>=~</span> <span class='id identifier rubyid_address'>address</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="connect-instance_method">
#<strong>connect</strong>(global = true) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Establish an SMTP connection to host and port specified by the RHOST and RPORT options, respectively. After connecting, the banner message is read in and stored in the <code>banner</code> attribute.</p>
<p>This method does NOT perform an EHLO, it only connects.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
54
55
56
57
58
59
60
61
62
63</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 54</span>
<span class='kw'>def</span> <span class='id identifier rubyid_connect'>connect</span><span class='lparen'>(</span><span class='id identifier rubyid_global'>global</span> <span class='op'>=</span> <span class='kw'>true</span><span class='rparen'>)</span>
<span class='id identifier rubyid_fd'>fd</span> <span class='op'>=</span> <span class='kw'>super</span>
<span class='kw'>if</span> <span class='id identifier rubyid_fd'>fd</span>
<span class='ivar'>@connected</span> <span class='op'>=</span> <span class='kw'>true</span>
<span class='comment'># Wait for a banner to arrive...
</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_banner'>banner</span> <span class='op'>=</span> <span class='id identifier rubyid_fd'>fd</span><span class='period'>.</span><span class='id identifier rubyid_get_once'>get_once</span><span class='lparen'>(</span><span class='op'>-</span><span class='int'>1</span><span class='comma'>,</span> <span class='int'>30</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_fd'>fd</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="connect_ehlo-instance_method">
#<strong>connect_ehlo</strong>(global = true, domain) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
146
147
148
149
150
151</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 146</span>
<span class='kw'>def</span> <span class='id identifier rubyid_connect_ehlo'>connect_ehlo</span><span class='lparen'>(</span><span class='id identifier rubyid_global'>global</span> <span class='op'>=</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='id identifier rubyid_domain'>domain</span><span class='rparen'>)</span>
<span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Connecting to SMTP server </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_rhost'>rhost</span><span class='embexpr_end'>}</span><span class='tstring_content'>:</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_rport'>rport</span><span class='embexpr_end'>}</span><span class='tstring_content'>...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_nsock'>nsock</span> <span class='op'>=</span> <span class='id identifier rubyid_connect'>connect</span><span class='lparen'>(</span><span class='id identifier rubyid_global'>global</span><span class='rparen'>)</span>
<span class='lbracket'>[</span><span class='id identifier rubyid_nsock'>nsock</span><span class='comma'>,</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>EHLO </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_domain'>domain</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="connect_login-instance_method">
#<strong>connect_login</strong>(global = true) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Connect to the remote SMTP server, send EHLO, start TLS if the server asks for it, and authenticate if weve got creds (specified in <code>USERNAME</code> and <code>PASSWORD</code> datastore options).</p>
<p>This method currently only knows about PLAIN authentication.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 72</span>
<span class='kw'>def</span> <span class='id identifier rubyid_connect_login'>connect_login</span><span class='lparen'>(</span><span class='id identifier rubyid_global'>global</span> <span class='op'>=</span> <span class='kw'>true</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DOMAIN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DOMAIN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_domain'>domain</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DOMAIN</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_domain'>domain</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_text_alpha'>rand_text_alpha</span><span class='lparen'>(</span><span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>32</span><span class='rparen'>)</span><span class='op'>+</span><span class='int'>1</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_nsock'>nsock</span><span class='comma'>,</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_connect_ehlo'>connect_ehlo</span><span class='lparen'>(</span><span class='id identifier rubyid_global'>global</span><span class='comma'>,</span> <span class='id identifier rubyid_domain'>domain</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>STARTTLS</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Starting tls</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>STARTTLS\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='lbracket'>[</span><span class='symbol'>:high</span><span class='comma'>,</span> <span class='symbol'>:medium</span><span class='comma'>,</span> <span class='symbol'>:default</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_level'>level</span><span class='op'>|</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_swap_sock_plain_to_ssl'>swap_sock_plain_to_ssl</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='comma'>,</span> <span class='id identifier rubyid_level'>level</span><span class='rparen'>)</span>
<span class='kw'>break</span>
<span class='kw'>rescue</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>SSL</span><span class='op'>::</span><span class='const'>SSLError</span>
<span class='comment'># Perform manual fallback for servers that can&#39;t
</span> <span class='id identifier rubyid_print_status'>print_status</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Could not negotiate SSL, falling back to older ciphers</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_nsock'>nsock</span><span class='period'>.</span><span class='id identifier rubyid_close'>close</span>
<span class='id identifier rubyid_nsock'>nsock</span><span class='comma'>,</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_connect_ehlo'>connect_ehlo</span><span class='lparen'>(</span><span class='id identifier rubyid_global'>global</span><span class='rparen'>)</span>
<span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>STARTTLS\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='kw'>if</span> <span class='id identifier rubyid_level'>level</span> <span class='op'>==</span> <span class='symbol'>:default</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>EHLO </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_domain'>domain</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PASSWORD</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span> <span class='kw'>and</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='comment'># TODO: other auth methods
</span> <span class='kw'>if</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>AUTH .*PLAIN</span><span class='regexp_end'>/</span></span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='kw'>and</span> <span class='kw'>not</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='comment'># Have to double the username. SMTP auth is weird
</span> <span class='id identifier rubyid_user'>user</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>\0</span><span class='tstring_end'>&quot;</span></span> <span class='op'>*</span> <span class='int'>2</span>
<span class='id identifier rubyid_auth'>auth</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_encode_base64'>encode_base64</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_user'>user</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>PASSWORD</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>AUTH PLAIN </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_auth'>auth</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_res'>res</span><span class='lbracket'>[</span><span class='int'>0</span><span class='op'>..</span><span class='int'>2</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>235</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Authentication failed, quitting</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_disconnect'>disconnect</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Could not authenticate to SMTP server</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server requested auth and no creds given, trying to continue anyway</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>elsif</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>AUTH .*LOGIN</span><span class='regexp_end'>/</span></span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='kw'>and</span> <span class='kw'>not</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_user'>user</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_encode_base64'>encode_base64</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_auth'>auth</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_encode_base64'>encode_base64</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>PASSWORD</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>AUTH LOGIN\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_user'>user</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_auth'>auth</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_res'>res</span><span class='lbracket'>[</span><span class='int'>0</span><span class='op'>..</span><span class='int'>2</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>235</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Authentication failed, quitting</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_disconnect'>disconnect</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Could not authenticate to SMTP server</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server requested auth and no creds given, trying to continue anyway</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>elsif</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>AUTH</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server doesn&#39;t accept any supported authentication, trying to continue anyway</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PASSWORD</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='kw'>and</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='kw'>and</span> <span class='kw'>not</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='comment'># Let the user know their creds are going unused
</span> <span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server didn&#39;t ask for authentication, skipping</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>return</span> <span class='id identifier rubyid_nsock'>nsock</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="connected?-instance_method">
#<strong>connected?</strong> &#x21d2; <tt>Boolean</tt>
</h3><div class="docstring">
<div class="discussion">
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Boolean</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
43
44
45</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 43</span>
<span class='kw'>def</span> <span class='id identifier rubyid_connected?'>connected?</span>
<span class='lparen'>(</span><span class='ivar'>@connected</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="disconnect-instance_method">
#<strong>disconnect</strong>(nsock = self.sock) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
235
236
237
238
239
240
241
242</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 235</span>
<span class='kw'>def</span> <span class='id identifier rubyid_disconnect'>disconnect</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='op'>=</span><span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_sock'>sock</span><span class='rparen'>)</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>QUIT\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='kw'>rescue</span> <span class='const'><span class='object_link'><a href="SMTPDeliver/SMTPCommunicationError.html" title="Msf::Exploit::Remote::SMTPDeliver::SMTPCommunicationError (class)">SMTPCommunicationError</a></span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid__e'>_e</span>
<span class='kw'>end</span>
<span class='kw'>super</span>
<span class='ivar'>@connected</span> <span class='op'>=</span> <span class='kw'>false</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="generate_ssl_context-instance_method">
#<strong>generate_ssl_context</strong>(security = :high) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
302
303
304
305
306
307
308
309
310
311
312
313</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 302</span>
<span class='kw'>def</span> <span class='id identifier rubyid_generate_ssl_context'>generate_ssl_context</span><span class='lparen'>(</span><span class='id identifier rubyid_security'>security</span><span class='op'>=</span><span class='symbol'>:high</span><span class='rparen'>)</span>
<span class='kw'>case</span> <span class='id identifier rubyid_security'>security</span>
<span class='kw'>when</span> <span class='symbol'>:high</span>
<span class='id identifier rubyid_ctx'>ctx</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>SSL</span><span class='op'>::</span><span class='const'>SSLContext</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='symbol'>:SSLv23</span><span class='rparen'>)</span>
<span class='id identifier rubyid_ctx'>ctx</span><span class='period'>.</span><span class='id identifier rubyid_ciphers'>ciphers</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>ALL:!ADH:!EXPORT:!SSLv2:!SSLv3:+HIGH:+MEDIUM</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_ctx'>ctx</span>
<span class='kw'>when</span> <span class='symbol'>:medium</span>
<span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>SSL</span><span class='op'>::</span><span class='const'>SSLContext</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='symbol'>:TLSv1</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='symbol'>:default</span>
<span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>SSL</span><span class='op'>::</span><span class='const'>SSLContext</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Creates an instance of an exploit that delivers messages via SMTP</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 20</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='comment'># Register our options, overriding the RHOST/RPORT from TCP
</span> <span class='id identifier rubyid_register_options'>register_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../OptAddress.html" title="Msf::OptAddress (class)">OptAddress</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>RHOST</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The SMTP server to send through</span><span class='tstring_end'>&quot;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptPort.html" title="Msf::OptPort (class)">OptPort</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>RPORT</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The SMTP server port (e.g. 25, 465, 587, 2525)</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='int'>25</span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DATE</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Override the DATE: field with this value</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MAILFROM</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The FROM address of the e-mail</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>random@example.com</span><span class='tstring_end'>&#39;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MAILTO</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The TO address of the email</span><span class='tstring_end'>&#39;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SUBJECT</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Subject line of the email</span><span class='tstring_end'>&#39;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>USERNAME</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SMTP Username for sending email</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>PASSWORD</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SMTP Password for sending email</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DOMAIN</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SMTP Domain to EHLO to</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>VERBOSE</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Display verbose information</span><span class='tstring_end'>&#39;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Msf::Exploit::Remote::SMTPDeliver (module)">SMTPDeliver</a></span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_register_autofilter_ports'>register_autofilter_ports</span><span class='lparen'>(</span><span class='lbracket'>[</span> <span class='int'>25</span><span class='comma'>,</span> <span class='int'>465</span><span class='comma'>,</span> <span class='int'>587</span><span class='comma'>,</span> <span class='int'>2525</span><span class='comma'>,</span> <span class='int'>25025</span><span class='comma'>,</span> <span class='int'>25000</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_register_autofilter_services'>register_autofilter_services</span><span class='lparen'>(</span><span class='words_beg'>%W{</span><span class='words_sep'> </span><span class='tstring_content'>smtp</span><span class='words_sep'> </span><span class='tstring_content'>smtps</span><span class='words_sep'> </span><span class='tstring_end'>}</span></span><span class='rparen'>)</span>
<span class='ivar'>@connected</span> <span class='op'>=</span> <span class='kw'>false</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_message-instance_method">
#<strong>send_message</strong>(data) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends an email message, connecting to the server first if a connection is not already established.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 161</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_message'>send_message</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span>
<span class='id identifier rubyid_mailfrom'>mailfrom</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MAILFROM</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span>
<span class='kw'>if</span> <span class='id identifier rubyid_bad_address'>bad_address</span><span class='lparen'>(</span><span class='id identifier rubyid_mailfrom'>mailfrom</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_error'>print_error</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Bad from address, not sending: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_mailfrom'>mailfrom</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>return</span> <span class='kw'>nil</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_mailto'>mailto</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MAILTO</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span>
<span class='kw'>if</span> <span class='id identifier rubyid_bad_address'>bad_address</span><span class='lparen'>(</span><span class='id identifier rubyid_mailto'>mailto</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_error'>print_error</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Bad to address, not sending: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_mailto'>mailto</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>return</span> <span class='kw'>nil</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_send_status'>send_status</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='id identifier rubyid_already_connected'>already_connected</span> <span class='op'>=</span> <span class='id identifier rubyid_connected?'>connected?</span>
<span class='kw'>if</span> <span class='id identifier rubyid_already_connected'>already_connected</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Already connected, reusing</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_nsock'>nsock</span> <span class='op'>=</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_sock'>sock</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_nsock'>nsock</span> <span class='op'>=</span> <span class='id identifier rubyid_connect_login'>connect_login</span><span class='lparen'>(</span><span class='kw'>false</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>MAIL FROM: &lt;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_mailfrom'>mailfrom</span><span class='embexpr_end'>}</span><span class='tstring_content'>&gt;\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>RCPT TO: &lt;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_mailto'>mailto</span><span class='embexpr_end'>}</span><span class='tstring_content'>&gt;\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_res'>res</span><span class='lbracket'>[</span><span class='int'>0</span><span class='op'>..</span><span class='int'>2</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>250</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_resp'>resp</span> <span class='op'>=</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>DATA\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='comment'># If the user supplied a Date field, use that, else use the current
</span> <span class='comment'># DateTime in the proper RFC2822 format.
</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DATE</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
<span class='id identifier rubyid_date'>date</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Date: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DATE</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>else</span>
<span class='id identifier rubyid_date'>date</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Date: </span><span class='embexpr_beg'>#{</span><span class='const'>DateTime</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_rfc2822'>rfc2822</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span>
<span class='comment'># If the user supplied a Subject field, use that
</span> <span class='id identifier rubyid_subject'>subject</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SUBJECT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
<span class='id identifier rubyid_subject'>subject</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Subject: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SUBJECT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span>
<span class='comment'># Avoid sending tons of data and killing the connection if the server
</span> <span class='comment'># didn&#39;t like us.
</span> <span class='kw'>if</span> <span class='kw'>not</span> <span class='id identifier rubyid_resp'>resp</span> <span class='kw'>or</span> <span class='kw'>not</span> <span class='id identifier rubyid_resp'>resp</span><span class='lbracket'>[</span><span class='int'>0</span><span class='comma'>,</span><span class='int'>3</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>354</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server refused our mail</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_full_msg'>full_msg</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_full_msg'>full_msg</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_date'>date</span> <span class='kw'>unless</span> <span class='id identifier rubyid_data'>data</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>date: </span><span class='regexp_end'>/i</span></span>
<span class='id identifier rubyid_full_msg'>full_msg</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_subject'>subject</span> <span class='kw'>unless</span> <span class='id identifier rubyid_subject'>subject</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span> <span class='op'>||</span> <span class='id identifier rubyid_data'>data</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>subject: </span><span class='regexp_end'>/i</span></span>
<span class='id identifier rubyid_full_msg'>full_msg</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_data'>data</span>
<span class='comment'># Escape leading dots in the mail messages so there are no false EOF
</span> <span class='id identifier rubyid_full_msg'>full_msg</span><span class='period'>.</span><span class='id identifier rubyid_gsub!'>gsub!</span><span class='lparen'>(</span><span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>(?m)^\.</span><span class='regexp_end'>/</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>..</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_send_status'>send_status</span> <span class='op'>=</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_full_msg'>full_msg</span><span class='embexpr_end'>}</span><span class='tstring_content'>\r\n.\r\n</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_print_error'>print_error</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Server refused to send to &lt;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_mailto'>mailto</span><span class='embexpr_end'>}</span><span class='tstring_content'>&gt;</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='kw'>not</span> <span class='id identifier rubyid_already_connected'>already_connected</span>
<span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Closing the connection...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_disconnect'>disconnect</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_send_status'>send_status</span>
<span class='kw'>rescue</span> <span class='const'><span class='object_link'><a href="SMTPDeliver/SMTPCommunicationError.html" title="Msf::Exploit::Remote::SMTPDeliver::SMTPCommunicationError (class)">SMTPCommunicationError</a></span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_e'>e</span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='id identifier rubyid_e'>e</span><span class='period'>.</span><span class='id identifier rubyid_message'>message</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_already_connected'>already_connected</span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Closing and reconnecting...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_disconnect'>disconnect</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='rparen'>)</span>
<span class='id identifier rubyid_connect_login'>connect_login</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="smtp_send_recv-instance_method">
#<strong>smtp_send_recv</strong>(cmd, nsock = self.sock) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Send and receive a single command using SMTP protocol allowing for response continuation</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 246</span>
<span class='kw'>def</span> <span class='id identifier rubyid_smtp_send_recv'>smtp_send_recv</span><span class='lparen'>(</span><span class='id identifier rubyid_cmd'>cmd</span><span class='comma'>,</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='op'>=</span><span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_sock'>sock</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='kw'>false</span> <span class='kw'>if</span> <span class='kw'>not</span> <span class='id identifier rubyid_nsock'>nsock</span>
<span class='kw'>if</span> <span class='id identifier rubyid_cmd'>cmd</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>AUTH PLAIN</span><span class='regexp_end'>/</span></span>
<span class='comment'># Don&#39;t print the user&#39;s plaintext password
</span> <span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C: AUTH PLAIN ...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='comment'># Truncate because this will include a full email and we don&#39;t want
</span> <span class='comment'># to dump it all.
</span> <span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C: </span><span class='embexpr_beg'>#{</span><span class='lparen'>(</span><span class='lparen'>(</span><span class='id identifier rubyid_cmd'>cmd</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>&gt;</span> <span class='int'>120</span><span class='rparen'>)</span> <span class='op'>?</span> <span class='id identifier rubyid_cmd'>cmd</span><span class='lbracket'>[</span><span class='int'>0</span><span class='comma'>,</span><span class='int'>120</span><span class='rbracket'>]</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>...</span><span class='tstring_end'>&quot;</span></span> <span class='op'>:</span> <span class='id identifier rubyid_cmd'>cmd</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_nsock'>nsock</span><span class='period'>.</span><span class='id identifier rubyid_put'>put</span><span class='lparen'>(</span><span class='id identifier rubyid_cmd'>cmd</span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='period'>.</span><span class='id identifier rubyid_get_once'>get_once</span>
<span class='kw'>while</span> <span class='op'>!</span><span class='lparen'>(</span><span class='id identifier rubyid_res'>res</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>(^|\r\n)\d{3}( .*|)\r\n$</span><span class='regexp_end'>/</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_chunk'>chunk</span> <span class='op'>=</span> <span class='id identifier rubyid_nsock'>nsock</span><span class='period'>.</span><span class='id identifier rubyid_get_once'>get_once</span>
<span class='kw'>break</span> <span class='kw'>unless</span> <span class='id identifier rubyid_chunk'>chunk</span>
<span class='kw'>if</span> <span class='id identifier rubyid_res'>res</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>+=</span> <span class='id identifier rubyid_chunk'>chunk</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_chunk'>chunk</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'><span class='object_link'><a href="SMTPDeliver/SMTPCommunicationError.html" title="Msf::Exploit::Remote::SMTPDeliver::SMTPCommunicationError (class)">SMTPCommunicationError</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="#initialize-instance_method" title="Msf::Exploit::Remote::SMTPDeliver#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>SMTP response is incomplete or contains extra data</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span> <span class='kw'>unless</span> <span class='id identifier rubyid_res'>res</span> <span class='op'>=~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>(^|\r\n)\d{3}( .*|)\r\n$</span><span class='regexp_end'>/</span></span>
<span class='kw'>rescue</span> <span class='const'>EOFError</span>
<span class='kw'>return</span> <span class='kw'>nil</span>
<span class='kw'>end</span>
<span class='comment'># Don&#39;t truncate the server output because it might be helpful for
</span> <span class='comment'># debugging.
</span> <span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>S: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_res'>res</span><span class='period'>.</span><span class='id identifier rubyid_strip'>strip</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_res'>res</span>
<span class='kw'>return</span> <span class='id identifier rubyid_res'>res</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="swap_sock_plain_to_ssl-instance_method">
#<strong>swap_sock_plain_to_ssl</strong>(nsock = self.sock, security = :high) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Create a new SSL session on the existing socket. Used for STARTTLS support.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
291
292
293
294
295
296
297
298
299
300</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/smtp_deliver.rb', line 291</span>
<span class='kw'>def</span> <span class='id identifier rubyid_swap_sock_plain_to_ssl'>swap_sock_plain_to_ssl</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='op'>=</span><span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_sock'>sock</span><span class='comma'>,</span> <span class='id identifier rubyid_security'>security</span><span class='op'>=</span><span class='symbol'>:high</span><span class='rparen'>)</span>
<span class='id identifier rubyid_ctx'>ctx</span> <span class='op'>=</span> <span class='id identifier rubyid_generate_ssl_context'>generate_ssl_context</span><span class='lparen'>(</span><span class='id identifier rubyid_security'>security</span><span class='rparen'>)</span>
<span class='id identifier rubyid_ssl'>ssl</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>SSL</span><span class='op'>::</span><span class='const'>SSLSocket</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_nsock'>nsock</span><span class='comma'>,</span> <span class='id identifier rubyid_ctx'>ctx</span><span class='rparen'>)</span>
<span class='id identifier rubyid_ssl'>ssl</span><span class='period'>.</span><span class='id identifier rubyid_connect'>connect</span>
<span class='id identifier rubyid_nsock'>nsock</span><span class='period'>.</span><span class='id identifier rubyid_extend'>extend</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='op'>::</span><span class='const'>SslTcp</span><span class='rparen'>)</span>
<span class='id identifier rubyid_nsock'>nsock</span><span class='period'>.</span><span class='id identifier rubyid_sslsock'>sslsock</span> <span class='op'>=</span> <span class='id identifier rubyid_ssl'>ssl</span>
<span class='id identifier rubyid_nsock'>nsock</span><span class='period'>.</span><span class='id identifier rubyid_sslctx'>sslctx</span> <span class='op'>=</span> <span class='id identifier rubyid_ctx'>ctx</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:06 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink