2024-03-09 14:23:42 +00:00
id : pop3-capabilities-enum
info :
name : POP3 Capabilities - Enumeration
2024-08-16 17:32:59 +07:00
author : pussycat0x,daffainfo
2024-03-09 14:23:42 +00:00
severity : info
description : |
POP3 capabilities are defined in RFC 2449. The CAPA command allows a client to ask a server what commands it supports and possibly any site-specific policy. Besides the list of supported commands, the IMPLEMENTATION string giving the server version may be available.
reference :
- https://nmap.org/nsedoc/scripts/pop3-capabilities.html
metadata :
2024-06-07 10:04:29 +00:00
verified : true
2025-05-27 10:39:47 +08:00
max-request : 1
2024-03-09 14:23:42 +00:00
shodan-query : "port:110"
tags : js,network,pop3,enum
2024-07-10 17:38:01 +05:30
2024-03-09 14:23:42 +00:00
javascript :
2024-07-10 17:38:01 +05:30
- pre-condition : |
isPortOpen(Host,Port);
code : |
2024-03-09 14:23:42 +00:00
let data = "CAPA\r\n"
let c = require("nuclei/net");
let conn = c.Open('tcp', `${Host}:${Port}`);
conn.Send(data);
let result = conn.RecvString();
2024-08-16 17:32:59 +07:00
Export(result);
2024-03-09 14:23:42 +00:00
args :
Host : "{{Host}}"
Port : 110
2024-04-05 13:26:00 +05:30
matchers-condition : and
2024-03-09 14:23:42 +00:00
matchers :
- type : dsl
dsl :
- "success == true"
2024-08-16 17:32:59 +07:00
- type : regex
regex :
- '\+OK.*'
2024-04-05 13:26:00 +05:30
- type : word
words :
- "HTTP/1.1"
2024-04-05 13:30:24 +05:30
negative : true
2024-04-05 13:26:00 +05:30
2024-03-09 14:23:42 +00:00
extractors :
- type : dsl
dsl :
2024-08-16 17:32:59 +07:00
- replace_regex(replace_regex(response, "\\+OK.*\\r\\n\\+OK.*\\r\\n", ""), "\\r\\n", " ")
2024-12-01 13:57:55 +00:00
# digest: 4b0a00483046022100c957357d15f462455be496c73e8f89fd07074ad81a2cca56f34892c76b9c8e8b022100a528a75c198f442f00c7291208c698a0e4a84e721f509aca879076d5b69ee63f:922c64590222798bb761d5b6d8e72950
