mirror of
https://github.com/nmap/nmap.git
synced 2025-12-15 12:19:02 +00:00
8bd71aaf43
I made every script follow a standard form: it starts with the id, followed by the description. The description is contained in [[ ]] delimiters. The description is in the global description variable, not in a LuaDoc comment. Other LuaDoc information such as @args and @usage follows the description in a comment. The first paragraph of each description is a a short summary of what the script does. More detailed information, if any, is given in following paragraphs. I also improved some wording and formatting in a few cases.
42 lines
801 B
Lua
42 lines
801 B
Lua
id = "Unexpected SMTP"
|
|
description = [[
|
|
Checks if SMTP is running on a non-standard port.
|
|
\n\n
|
|
This usually indicates crackers or script kiddies have set up a backdoor on the
|
|
system to send spam or control your machine.
|
|
]]
|
|
|
|
---
|
|
-- @output
|
|
-- 22/tcp open ssh\n
|
|
-- |_ Warning: smtp is running on a strange port.\n
|
|
|
|
author = "Diman Todorov <diman.todorov@gmail.com>"
|
|
|
|
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
|
|
|
|
categories = {"malware"}
|
|
|
|
portrule = function(host, port)
|
|
if
|
|
( port.number ~= 25
|
|
and
|
|
port.number ~= 465
|
|
and
|
|
port.number ~= 587
|
|
and
|
|
port.service == "smtp" )
|
|
and port.protocol == "tcp"
|
|
and port.state == "open"
|
|
then
|
|
return true
|
|
else
|
|
return false
|
|
end
|
|
end
|
|
|
|
action = function()
|
|
return "Warning: smtp is running on a strange port"
|
|
end
|
|
|