[35135] in bugtraq
RE: Remote SMTP authentication audit tool?
daemon@ATHENA.MIT.EDU (Bojan Zdrnja)
Fri Jun 4 16:23:32 2004
Reply-To: <Bojan.Zdrnja@LSS.hr>
From: "Bojan Zdrnja" <Bojan.Zdrnja@LSS.hr>
To: "'Evans, Arian'" <Arian.Evans@fishnetsecurity.com>,
"'Byron Pezan'" <mbp@ribbit.net>
Cc: <bugtraq@securityfocus.com>
Date: Fri, 4 Jun 2004 12:46:51 +1200
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <8654C851B1DAFA4FA18A9F150145F92501A13C78@fnex01.fishnetsecurity.com>
Message-Id: <20040604004653.62FBF42FA1@maja.zesoi.fer.hr>
> -----Original Message-----
> From: Evans, Arian [mailto:Arian.Evans@fishnetsecurity.com]
> Sent: Friday, 4 June 2004 3:24 a.m.
> To: Byron Pezan
> Cc: bugtraq@securityfocus.com
> Subject: RE: Remote SMTP authentication audit tool?
>
> If you want to test your server like a spammer via actual
> SMTP authentication
> brute forcing, there are several scripts out there like Brutus.pl:
>
> http://www.0xdeadbeef.info/
>
> (most the spammer scripts have short dictionary lists that
> contain your usual
> admin\admin, backup\null, backup\backup, etc.)
That is just remote login brute force, which relies on VRFY, so it won't
work with any "hardened" MTA.
It doesn't brute force SMTP AUTH.
I'm not aware of any application that does SMTP AUTH brute force, I thought
Hydra would do it but nah.
It isn't too difficult to create one though, just check some MTAs code.
Cheers,
Bojan Zdrnja
CISSP
