Skip to main content

Testing servers for STARTTLS command injection vulnerability

Project description

Command Injection Tester

The command-injection-tester script allows for straightforward testing of email servers for the STARTTLS command injection vulnerability in SMTP, POP3, and IMAP.

Usage

The command

python3 command-injection-tester --imap --pop3 --smtp <hostname>

tests <hostname> for the command injection in IMAP, POP3, and SMTP.

Parameters

  • --help (-h): Print help message.
  • --imap: Use the IMAP protocol
  • --pop3: Use the POP3 protocol
  • --smtp: Use the SMTP protocol
  • --imap-port (-i): IMAP port to check (default: 143)
  • --pop3-port (-p): POP3 port to check (default: 110)
  • --smtp-port (-s): SMTP port to check (default: 587)
  • --quiet (-q): Be less verbose
  • --timeout (-t): Timeout in seconds to use for network sockets. Increase in case of problems (default: 2)
  • --logdir (-l): Path to log directory (default: ./logs)

Example:

The Command Injection Tester can best be tested using the Fake Mail Server:

  1. Start the Fake Mail Server:
$ sudo ./fake_mail_server setup
  1. Run this script against the server:
$ python3 command-injection-tester --imap --pop3 --smtp localhost
  1. Since the Fake Mail Server is intentionally vulnerable against the command injection, you should see Command injection here! after every protocol test.

Testing live servers should be just as easy. If connections keep timing out/the sanity test keeps failing, try increasing the timeout using the --timeout parameter.

Background

This tool was published as part of our research on security vulnerabilities in STARTTLS:

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

command-injection-tester-0.0.2.tar.gz (6.5 kB view details)

Uploaded Source

Built Distribution

command_injection_tester-0.0.2-py3-none-any.whl (7.2 kB view details)

Uploaded Python 3

File details

Details for the file command-injection-tester-0.0.2.tar.gz.

File metadata

  • Download URL: command-injection-tester-0.0.2.tar.gz
  • Upload date:
  • Size: 6.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.2 importlib_metadata/4.6.4 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.1 CPython/3.8.11

File hashes

Hashes for command-injection-tester-0.0.2.tar.gz
Algorithm Hash digest
SHA256 03e8b67bfc2876dc8c2016d7331470341f4d1ef287603da05498e4878c9ccfb7
MD5 b748096fbfb03cdb958402c861cea1bb
BLAKE2b-256 5b53ffc5b2a806f2d2d895d5d043dcdf37405b87aa8a70bc28d042f9bafd7111

See more details on using hashes here.

File details

Details for the file command_injection_tester-0.0.2-py3-none-any.whl.

File metadata

  • Download URL: command_injection_tester-0.0.2-py3-none-any.whl
  • Upload date:
  • Size: 7.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.2 importlib_metadata/4.6.4 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.1 CPython/3.8.11

File hashes

Hashes for command_injection_tester-0.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 762ebeefba7255c3f69e5311df0dad033186e4d2c4f119a23120e3f75209c364
MD5 4f8a1ef1fa625f60e1e3c0b13ac1cd7d
BLAKE2b-256 14f6d1569d5161da553e3ba6dee2f6ce18595bf5ac7ae4907b4e7f90a69f438b

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page