SMTP AUTHENTICATION USING LINUX C SOCKET

JIHAD · July 8, 2014

autentificare smtp non-ssl.



#ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
#ifdef HAVE_SYS_SELECT_H
# include <sys/select.h>
#endif
# ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_ARPA_INET_H
# include <arpa/inet.h>
#endif
#include <sys/time.h>
#include <sys/types.h>
#include <stdlib.h>
#include <fcntl.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <ctype.h>
#include <netdb.h>
#include <time.h>
#include <sys/wait.h>
#include <termios.h>

#define TABLELEN        63
#define BUFFFERLEN      128

#define ENCODERLEN      4
#define ENCODEROPLEN    0
#define ENCODERBLOCKLEN 3

#define PADDINGCHAR     '='
#define BASE64CHARSET   "ABCDEFGHIJKLMNOPQRSTUVWXYZ"\
                        "abcdefghijklmnopqrstuvwxyz"\
                        "0123456789"\
                        "+/";


int Base64Encode(char *input, char *output, int oplen);
int encodeblock(char *input, char *output, int oplen);
int Base64Decode(char *input, char *output, int oplen);
int decodeblock(char *input, char *output, int oplen);


int encodeblock(char *input, char *output, int oplen){
   int rc = 0, iplen = 0;
   char encodedstr[ENCODERLEN + 1] = "";
   char encodingtabe[TABLELEN + 1] = BASE64CHARSET;

   iplen = strlen(input);
   encodedstr[0] = encodingtabe[ input[0] >> 2 ];
   encodedstr[1] = encodingtabe[ ((input[0] & 0x03) << 4) |
                                 ((input[1] & 0xf0) >> 4) ];
   encodedstr[2] = (iplen > 1 ? encodingtabe[ ((input[1] & 0x0f) << 2) |
                                              ((input[2] & 0xc0) >> 6) ] : PADDINGCHAR);
   encodedstr[3] = (iplen > 2 ? encodingtabe[ input[2] & 0x3f ] : PADDINGCHAR);
   strncat(output, encodedstr, oplen-strlen(output));

   return rc;
}

int Base64Encode(char *input, char *output, int oplen){
   int rc = 0;
   int index = 0, ipindex = 0, iplen = 0;
   char encoderinput[ENCODERBLOCKLEN + 1] = "";

   iplen = strlen(input);
   while(ipindex < iplen){
      for(index = 0; index < 3; index++){
         if(ipindex < iplen){
            encoderinput[index] = input[ipindex];
         }else{
            encoderinput[index] = 0;
         }
         ipindex++;
      }
      rc = encodeblock(encoderinput, output, oplen);
   }

   return rc;
}



int checkauth(char *username,char *password,char *hostname)
{
    char *authok = "Authentication successful";
    int rc = 0;
    char user[BUFFFERLEN + 1] = "";
    char pass[BUFFFERLEN + 1] = "";
    int socket_desc;
    struct sockaddr_in server;
    char server_reply[2000];
    char message[200];

    struct timeval timeout;      
    timeout.tv_sec = 3;
    timeout.tv_usec = 0;

    socket_desc = socket(AF_INET , SOCK_STREAM , 0);
    if (socket_desc == -1)
    {
       return 1;
    }

    server.sin_addr.s_addr = inet_addr(hostname);
    server.sin_family = AF_INET;
    server.sin_port = htons( 25 );

    if (setsockopt (socket_desc, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout,
                sizeof(timeout)) < 0)
        error("setsockopt failed\n");

    if (setsockopt (socket_desc, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout,
                sizeof(timeout)) < 0)
        error("setsockopt failed\n");

    if (connect(socket_desc , (struct sockaddr *)&server , sizeof(server)) < 0)
    {
       return 1;
    }

    if( recv(socket_desc, server_reply , 2000 , 0) < 0)   { return 1;  }

    sprintf(message,"EHLO JIHAD\n");
    if( send(socket_desc , message , strlen(message) , 0) < 0)  { return 1; }
    if( recv(socket_desc, server_reply , 2000 , 0) < 0)   { return 1;  }

    sprintf(message,"auth login\n");
    if( send(socket_desc , message , strlen(message) , 0) < 0)  { return 1; }
    if( recv(socket_desc, server_reply , 2000 , 0) < 0)   { return 1;  }

    rc = Base64Encode(username, user, BUFFFERLEN);
    sprintf(message, "%s\n", user);
    if( send(socket_desc , message , strlen(message) , 0) < 0)  { return 1; }
    if( recv(socket_desc, server_reply , 2000 , 0) < 0)   { return 1; }

    rc = Base64Encode(password, pass, BUFFFERLEN);
    sprintf(message, "%s \n", pass);
    if( send(socket_desc , message , strlen(message) , 0) < 0)  { return 1; }
    if( recv(socket_desc, server_reply , 2000 , 0) < 0)   { return 1; }

if(strstr(server_reply, authok) != NULL) 
{
		fprintf(stderr, "[*] OK : %s:%s %s \n", username,password,hostname);
                close(socket_desc);
} 

else
{
                fprintf(stderr, "[*] NOT OK : %s:%s %s \n", username,password,hostname);
                close(socket_desc);
                exit (1);
}

}


int main (int argc, char **argv)
{
checkauth(argv[1],argv[2], argv[3]);
}

Elohim · July 8, 2014

Sunt cazuri si servere ( iti pot demonstra ) unde DOAR \N nu este deajuns, fiind nevoie de CRLF ( \R\N ) cum se specifica in RFC-uri.

JIHAD · July 8, 2014

sunt cazuri, asta e doar unul. trimiti EHLO, metoda de autentificare, si user parola criptate base64

JIHAD · July 8, 2014

argumenteaza prin exemplu practic, nu doar din auzite. e sectiunea programare, nu sectiunea post hunting.

nedo · July 8, 2014

JIHAD, ai butonul de edit, nu e nevoie sa faci dublu post.

In general, este recomandat sa termini liniile cu \r\n, pentru ca daca trimiti doar \n e posibil sa nu ti-l recunoasca, dar daca trimiti \r\n ti-l va recunoaste orice sistem.

In plus, nu vad unde este problema ca se adauga sau nu un \r\n. Elohim a adus o adaugare si atat. Nu este cazul sa te superi. Tutorialul tau este foarte interesant si binevenit, insa oricine mai are de invatat, si, dupa parerea mea, ar trebui sa fi bucuros intotdeauna cand cineva te corecteaza sau aduce adaugiri la lucrarea ta. Inseamna ca cineva a fost citit indeajuns de bine, si a fost indeajuns de atent la citirea lucrari tale, incat a observat ceva care la prima vedere ar parea asa minor. Bravo inca o data pentru tutorial, dar chill.

Edited July 8, 2014 by nedo

Elohim · July 8, 2014

argumenteaza prin exemplu practic, nu doar din auzite. e sectiunea programare, nu sectiunea post hunting.

Ti-am argumentat din experienta proprie ca sunt extrem de multe cazuri unde nu ti se recunoaste doar LF (\n) ci este nevoie de CRLF(\R\N). Nu vad de ce te agiti, niciun cod nu este perfect, ti-am atras doar atentia ca nu se respecta RFC-urile. Nu esti la vreun concurs. Daca nu esti dispus sa asculti si partea negativa a unui cod, nu esti departe de modelul copy/paste. Nici nu mai vad cazul unei demonstratii. Felicitari daca este scris de tine.

JIHAD · July 8, 2014

n-am vrut sa para ca m-am suparat sau agitat, ideea e ca eram interesat sa stiu care sunt cazurile cand este nevoie de CRLF. ce server, etc? asa "sunt cazuri.." pare f. vag. vroiam sa stiu in ce conditii e nevoie de CRLF.

PS: stiu ca am edit, dar eram pe telefon mai devreme, mai usor mi s-a parut sa raspund asa.

Edited July 8, 2014 by JIHAD

Sign In

SMTP AUTHENTICATION USING LINUX C SOCKET

Recommended Posts

JIHAD

Elohim

JIHAD

JIHAD

nedo

Elohim

JIHAD

Join the conversation

Browse

Activity

Pages