NewsForumsCodeLogsGallerySpecsSearch

Code archives/Networking/Relay Hunter (Hacking)

This code has been declared by its author to be Public Domain code.

Download source code

Relay Hunter (Hacking) by Paul "Taiphoz"2004
This is a small bit of code that will scan random IP addresses for the Sendmail Daemon, if it find one it will Attempt to send an e-mail through it.

The output is a list of Possible IPS that allow open relay, or a list of IPs with closed next to em. 
;
;
;	SendMail Relay Scanner.
;
;

Graphics3D 200,100,16,2
SetBuffer BackBuffer()

SeedRnd MilliSecs()

Global SendMail
Global l$,i$,IP$,com

Global Logfile
Global logfile_path$="output.txt"
Global Time_Delay%=2000
Global Counter%=0


logfile=WriteFile(logfile_path$)
WriteLine logfile,"New Scan (DATE HERE)"
WriteLine logfile," "
CloseFile logfile
logfile=OpenFile(logfile_path$)

TCPTimeouts 12,12
	
Repeat
	
	Print "Scanning ";:Delay 20


	;Get a Random IP
	Local octet
	octet=Rnd(20,255)
	ip$=Str(octet)
	For looper=1 To 3
		octet=Rnd(20,255)
		ip$=ip$+"."+Str(octet)
	Next
	
	
		
	sendmail = OpenTCPStream(IP$,25)
	
	If sendmail<>0
		logdata("Scanning [ "+IP$+" ] - Port Open")
		logdata(" ")
		logdata("******************************************************")
		logdata("*  "+IP$)
		logdata("******************************************************")
		
		Read_Incoming()	
		;Send the Mail
		WriteLine sendmail , "HELO SMSCAN"
		Read_Incoming()	
		WriteLine sendmail , "MAIL FROM: sendmail@test.com"
		Read_Incoming()
		WriteLine sendmail , "RCPT TO: your@email.uk.net"
		Read_Incoming()
		
		test%=Instr(l$,"denied",1)
		If test%<>0
			logdata("******************************************************")
			logdata("* DENIED")
			logdata("******************************************************")	
			
		Else
			logdata("******************************************************")
			logdata("*                                       POSSIBLE RELAY")
			logdata("******************************************************")			
		End If
		
		WriteLine sendmail , "DATA"
		WriteLine sendmail , "HELLO We found an Open Relay!!!!"
		WriteLine sendmail , IP$
		WriteLine sendmail , "."	
	
		CloseTCPStream(sendmail)
					
	Else
		logdata("Scanning [ "+IP$+" ] - Port Closed")
	End If
	;hold(600)
	counter=counter+1
	
	
	

	
Until KeyDown(1) Or counter=1000
CloseFile logfile



Function hold(a%)
	Local c%
	Repeat
		c=c+1
	Until (c%=a%) Or KeyDown(1)
	 
End Function

Function logdata(info$)
	DebugLog info$
	WriteLine logfile,info$
End Function

Function Read_Incoming()
	l$ = ReadLine$(sendmail)
	logdata(l$)
End Function

Comments

Paul "Taiphoz"2004
Erm ?


puki2004
Code looks a bit on the short side?


Rambus2004
looks like a copy paist error


Paul "Taiphoz"2004
Im gona try and fix it just now.


Paul "Taiphoz"2004
Thats better.


jfk EO-111102004
Clever code, but I'm afraid that's the kind of thing that is abused to send spam mails, no? Well, name it security scanner then, to make sure your own network range does not support public mal server usage :)


BlitzSupport2005
I'm tempted to delete this. It is interesting, but are there any practical uses for this other than abuse such as spamming? Many ISPs will even suspend their users' accounts for port scanning like this...


Xzider2005
wow,how does it know there email=P:?


Lane2005
Legitimate use.. looking for compermised machines so you can notify the owner to fix it. It is quite well known by now that many of the malware infected machines are now set up to relay mail for spammers.

Legitimate use.. checking your own network for open relays.

Legitimate use.. use as a sample code for writing your own honeypot.


Rck2005
Interesting way to learn about the protocol


Code Archives Forum