[foofus-tools] Medusa: IMAP STARTTLS
jmk
jmk at foofus.net
Thu May 5 11:57:17 PDT 2011
Hi Mathew,
On Thu, 2011-05-05 at 14:37 -0400, Mathew Rowley wrote:
> Is there a command line to force IMAP STARTTLS? I am getting the
> following error:
No. Is IMAPS (993/tcp) open? You could use the "-s" option and just go
SSL the whole way.
> $ medusa -h HOST.com -u 'USER at HOST.com' -P password.lst -M imap -v 100
> -n 143
> Medusa v2.0 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks
> <jmk at foofus.net>
>
> GENERAL: Parallel Hosts: 1 Parallel Logins: 1
> GENERAL: Total Hosts: 1
> GENERAL: Total Users: 1
> GENERAL: Total Passwords: 3169
> ERROR: Failed to match regex pattern within server's response.
> ERROR: [imap.mod] Failed: No OK message received for CAPABILITY request.
> GENERAL: Medusa has finished.
If you add "-w 100" to the command-line you should see better debug
data. Some day I'll merge "-v/-w" and come up with a better error
reporting system.
> But I can see via tcpdump, that the response from 'CAPABILITY' is:
>
> * CAPABILITY IMAP4rev1 UIDPLUS IDLE LOGIN-REFERRALS NAMESPACE QUOTA
> CHILDREN AUTH=DIGEST-MD5 STARTTLS LOGINDISABLED\r\n
It looks like we match on "OK CAPABILITY", not "* CAPABILITY". If you
tweak the regex in imap.c (line 404), so can probably get around this.
I'll make a note to rework this check to me more flexible.
Thanks,
Joe
More information about the foofus-tools
mailing list