mirror of
https://github.com/nmap/nmap.git
synced 2025-12-09 22:21:29 +00:00
7c63ab6bcd
The imap-capabilities script is mostly feature-complete but I could see adding some analysis code to warn users of non-SSL'd IMAP servers that offer STARTTLS without NOLOGIN. The imap "library" is really a joke. It does the minimum required to support getting capabilities and nothing more. IMAP requires each command to use a unique identifier like 000, 001, 002, etc. Right now the identifier is hardcoded to a001. To make a real imap library that supports logging in, and other IMAP features a state variable will have to be maintained to change the command uid. It would be nice to see the library get updated so that IMAP brute-forcing could be supported.
4.6 KiB
4.6 KiB