0

I have written a code in Python, and I want to change it. I use it when I am performing a penetration tests in my organization and I want to make my script better. The script gets a username that I entering and it connect to the SMTP server over port 25 and check if the user exists or not. Here is the script:

#!/usr/bin/python

import socket
import sys

if len(sys.argv) != 2:
 print "Usage: vrfy.py <username>"
        sys.exit(0)

# Create a Socket
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)

# Connect to the Server
connect=s.connect(('192.168.0.10',25))

# Recieve the banner
banner=s.recv(1024)
print banner

# VRFY a user
s.send('VRFY ' + sys.argv[1] + '\r\n')
result=s.recv(1024)
print result

# Close the socket
s.close()

The changes that I want to perform are the following: Instead of entering only one username to check, I want to mention a location of a txt file and the script will read all the usernames it contains.

Also, I what that the IP address at the script wont be hard coded and I will need to insert it every time I am using the script. Many thanks in advance,

Bar Aviv

Improve this question
1
  • Its things like this (username farming) that are why I disable VRFY on my mailer. Commented Jul 12, 2010 at 22:23

2 Answers 2

Reset to default
2

You're not really supposed to use the low-level socket send() and recv() directly like that. They're not guaranteed to send/receive any particular amount of data. It might just happen to work the way you want talking to one particular mail server, but as soon as commands/responses don't fit one-to-one into IP packets, you're going to get weird results.

If you want a simple blocking conversational stream, try the file interface you get from socket.makefile.

You should probably implement a little more of SMTP as well... at least say helo!

The below reads usernames from standard input, so you can direct a file of usernames to it by saying:

python vrfy.py 127.0.0.1 < usernames.txt

though you could change it to read sys.argv[2] for another filename parameter if you wanted.

users= []
for line in sys.stdin:
    line= line.strip()
    if line!='':
        users.append(line)

s= socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((sys.argv[1], 25))
fp= s.makefile('rwb')

fp.readline() # ignore banner
fp.write('HELO test.example.com\r\n')
fp.flush()
fp.readline() # ignore response

for user in users:
    fp.write('VRFY %s\r\n' % user)
    fp.flush()
    print '%s: %s' % (user, fp.readline().strip())

fp.write('QUIT\r\n')
fp.flush()
s.close()
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Use something like the following:

with open(sys.argv[1]) as f:
    for line in f:
        username = line.replace('\n', '')
        print 'Testing with user: %s' % user

For the IP address, you can pass it as a second argument -- verify.py username-list-file server-ip-address -- and reference as sys.argv[2].

You can also do something like:

try:
    userlist = sys.argv[1]
    server_address = sys.argv[2]
except IndexError:
    print 'Usage: verify.py username-list-file server-ip-address'
    sys.exit(-1)
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.