TestSmtp.py

Go to the documentation of this file.
00001 ##
00002 # 
00003 # Test case: security.enumeration.TestSmtp
00004 # 
00005 from testenv.core.TestCase import TestCase
00006 
00007 ##
00008 # 
00009 #       Scenario: SMTP enumeration
00010 #       
00011 #       This test tries to enumerate SMTP users with vrfy and expn.
00012 #       
00013 #       @ingroup test_case_all
00014 #       
00015 class TestSmtp(TestCase):
00016         
00017         ##
00018         # 
00019         #               This function is called by the __init__ function from the parent.
00020         #               Don't define your own __init__ here!
00021         #               
00022         def initTestCase(self):
00023 
00024                 #set description to identify test case in output
00025                 self.setDescription("SMTP enumeration")
00026 
00027 
00028         ##
00029         # 
00030         #               implementation of SMTP enumeration
00031         #               
00032         def test(self):
00033                 
00034                 #get target IP address from config
00035                 targetIp = self.getParameter("configuration.local.target.ip")
00036                 
00037                 #nmap parameter list
00038                 nmapArgs = ["-p25", targetIp]
00039                 
00040                 #define port scan
00041                 nmapTest = self.newTest("nmap", "portscan", {'arguments' : nmapArgs})
00042                 
00043                 #run port scan
00044                 nmapTest.start()
00045                 nmapTest.join()
00046                 
00047                 #get results from port scan
00048                 nmapTestResult = self.getResult("portscan")
00049                 hosts = nmapTestResult.getValue("hosts")
00050 
00051                 resultFlag = 0
00052                 #run test only if ports are open
00053                 for host in hosts:
00054                         address = host.getAddress()
00055                         #netcat parameter lists
00056                         args = ["-nvv", address, "25"]
00057                 
00058                         #netcat injection commands
00059                         injections1 = ["vrfy root", "quit"]
00060                         injections2 = ["expn adm", "quit"]
00061                 
00062                         #define enumeration with vrfy
00063                         test1 = self.newTest("netcat", "vrfy (" + address + ")", {'arguments' : args, 'injections' : injections1})
00064                         
00065                         #define enumeration with expn
00066                         test2 = self.newTest("netcat", "expn (" + address + ")", {'arguments' : args, 'injections' : injections2})
00067                 
00068                         #run enumeration with vrfy
00069                         test1.start()
00070                         test1.join()
00071                         #run enumeration with expn
00072                         test2.start()
00073                         test2.join()
00074                         
00075                         test1Result = self.getResult("vrfy (" + address + ")")
00076                         test2Result = self.getResult("expn (" + address + ")")
00077                         output = test1Result.getValue("output")
00078                         if output.find("250 root") > -1:
00079                                 resultFlag = 1
00080                         output = test2Result.getValue("output")
00081                         if output.find("250 adm") > -1:
00082                                 resultFlag = 1
00083 
00084                 assert resultFlag == 0
00085 
00086 

Generated on Mon Aug 11 17:28:25 2008 for TestEnv by  doxygen 1.5.5