Response code 252 is outputted in red, although the user might exist #18

Open
baudetromain opened this issue Jun 6, 2023 · 1 comment


baudetromain commented Jun 6, 2023

Hello,

First, thanks for developing and maintaining this tool.

I've been using this tool for a Hack The Box Academy exercise, where I simply had to find a user that existed on a distant machine running an SMTP server, and that's what got me to learn about this tool.
The exercise suggested using a custom usernames list which was 100 lines long, so the existing username was quickly found.
However, the response code of the VRFY command that checked for the existing user was 252, although the usual response code corresponding to a success is 250. According to this list of SMTP response codes, the response code 252 means "The server cannot verify the user, but it will try to deliver the message anyway." In this case, all other usernames returned a 550 response code, so this 252 response code had to mean the user existed.

The problem is: I almost didn't see that this username was a "correct" one, because it got outputted in red. Here's the picture:

image

Since the color red meant error to me, I simply scrolled very fast in my terminal to look for a line that is not in red, and it took me a bit of time to figure out the response message was different for a user. Looking at the capture, it looks obvious there's a username that's different from the others, but scrolling fast through the output, I assure you it's not that easy to see.
To be honest, if I didn't know based on the exercise's hints that there had to be a valid user, I would not have seen it at all.

So here's my question: would it be possible to output in yellow or in orange some of the existing response codes that aren't 250 (the usual success response code) but that could still indicate a potential existing user?
I don't know much about SMTP and I have no idea if codes other than 250 for success and 550 for fail are that usual, but I thought that could be helpful.

I went to check the part of the code which is responsible for deciding the output color, and it turns out it is very simply decided here: if the response code starts with "250 ", then the line will be printed in green, and if not, then the line will be outputted in red. Maybe some codes such as 252 could be outputted in orange or yellow?
Also, the text between angle brackets is "----" in case of a non-250 response code, and "SUCC" in case of a 250 response code; maybe it could be something like "????" for 252, since we're unsure of the result?
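
The three-way classification proposed above, as an added example that is not part of the issue or of the project's code. The function names, the output layout and the sample replies are assumptions made for illustration; it also reads the final line of a multi-line reply and lists the users whose reply code differs from the majority, which is the signal described in the issue.

```python
import re
from collections import Counter

GREEN, YELLOW, RED, RESET = "\033[32m", "\033[33m", "\033[31m", "\033[0m"
AMBIGUOUS = {252}  # assumption: only the code raised in the issue
REPLY_LINE = re.compile(r"^(\d{3})(?:[ -](.*))?$")

# Constructed sample replies (not captured from any real server).
SAMPLE = {
    "alice": "550 5.1.1 <alice>: Recipient address rejected",
    "bob": "252 2.0.0 bob",
    "carol": "550 5.1.1 <carol>: Recipient address rejected",
    "dave": "250-first line\r\n250 2.1.5 dave <dave@example.test>",
}

def parse_reply(raw):
    """Return (code, text) taken from the last line of an SMTP reply.
    "250-..." marks a continuation line, "250 ..." the final one."""
    lines = [ln.strip() for ln in raw.splitlines() if ln.strip()]
    match = REPLY_LINE.match(lines[-1]) if lines else None
    if match is None:
        return None, raw.strip()  # malformed reply: no usable code
    return int(match.group(1)), match.group(2) or ""

def classify(raw):
    """Map a reply to (tag, colour): SUCC, ???? or ----."""
    code, _ = parse_reply(raw)
    if code == 250:
        return "SUCC", GREEN
    if code in AMBIGUOUS:
        return "????", YELLOW
    return "----", RED

def format_line(user, raw):
    tag, colour = classify(raw)
    code, text = parse_reply(raw)
    return f"{colour}<{tag}> {user:<10} {code} {text}{RESET}"

def outliers(replies):
    """Users whose reply code differs from the most common code."""
    codes = {user: parse_reply(raw)[0] for user, raw in replies.items()}
    if not codes:
        return []
    common = Counter(codes.values()).most_common(1)[0][0]
    return sorted(u for u, c in codes.items() if c != common)

if __name__ == "__main__":
    for user, raw in SAMPLE.items():
        print(format_line(user, raw))
    print("differs from majority:", outliers(SAMPLE))
```

Run against replies from a mail server you administer, using names known to exist and names known not to: any name reported by `outliers` means the VRFY replies distinguish accounts.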

tjcim commented May 14, 2024

Did a PR here: #19
