Testing servers for STARTTLS command injection vulnerability
Project description
Command Injection Tester
The command-injection-tester
script allows for straightforward testing of email servers for the STARTTLS command injection vulnerability in SMTP, POP3, and IMAP.
Usage
The command
python3 command-injection-tester --imap --pop3 --smtp <hostname>
tests <hostname>
for the command injection in IMAP, POP3, and SMTP.
Parameters
--help
(-h
): Print help message.--imap
: Use the IMAP protocol--pop3
: Use the POP3 protocol--smtp
: Use the SMTP protocol--imap-port
(-i
): IMAP port to check (default: 143)--pop3-port
(-p
): POP3 port to check (default: 110)--smtp-port
(-s
): SMTP port to check (default: 587)--quiet
(-q
): Be less verbose--timeout
(-t
): Timeout in seconds to use for network sockets. Increase in case of problems (default: 2)--logdir
(-l
): Path to log directory (default:./logs
)
Example:
The Command Injection Tester can best be tested using the Fake Mail Server:
- Start the
Fake Mail Server
:
$ sudo ./fake_mail_server setup
- Run this script against the server:
$ python3 command-injection-tester --imap --pop3 --smtp localhost
- Since the Fake Mail Server is intentionally vulnerable against the command injection, you should see
Command injection here!
after every protocol test.
Testing live servers should be just as easy. If connections keep timing out/the sanity test keeps failing, try increasing the timeout using the --timeout
parameter.
Background
This tool was published as part of our research on security vulnerabilities in STARTTLS:
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file command-injection-tester-0.0.2.tar.gz
.
File metadata
- Download URL: command-injection-tester-0.0.2.tar.gz
- Upload date:
- Size: 6.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.2 importlib_metadata/4.6.4 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.1 CPython/3.8.11
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 03e8b67bfc2876dc8c2016d7331470341f4d1ef287603da05498e4878c9ccfb7 |
|
MD5 | b748096fbfb03cdb958402c861cea1bb |
|
BLAKE2b-256 | 5b53ffc5b2a806f2d2d895d5d043dcdf37405b87aa8a70bc28d042f9bafd7111 |
File details
Details for the file command_injection_tester-0.0.2-py3-none-any.whl
.
File metadata
- Download URL: command_injection_tester-0.0.2-py3-none-any.whl
- Upload date:
- Size: 7.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.2 importlib_metadata/4.6.4 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.1 CPython/3.8.11
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 762ebeefba7255c3f69e5311df0dad033186e4d2c4f119a23120e3f75209c364 |
|
MD5 | 4f8a1ef1fa625f60e1e3c0b13ac1cd7d |
|
BLAKE2b-256 | 14f6d1569d5161da553e3ba6dee2f6ce18595bf5ac7ae4907b4e7f90a69f438b |