summaryrefslogtreecommitdiffstats
path: root/scripts/imap-capabilities.nse
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/imap-capabilities.nse')
-rw-r--r--scripts/imap-capabilities.nse53
1 files changed, 53 insertions, 0 deletions
diff --git a/scripts/imap-capabilities.nse b/scripts/imap-capabilities.nse
new file mode 100644
index 0000000..b7d3798
--- /dev/null
+++ b/scripts/imap-capabilities.nse
@@ -0,0 +1,53 @@
+local imap = require "imap"
+local shortport = require "shortport"
+local stdnse = require "stdnse"
+local table = require "table"
+
+description = [[
+Retrieves IMAP email server capabilities.
+
+IMAP4rev1 capabilities are defined in RFC 3501. The CAPABILITY command
+allows a client to ask a server what commands it supports and possibly
+any site-specific policy.
+]]
+
+---
+-- @output
+-- 143/tcp open imap
+-- |_ imap-capabilities: LOGINDISABLED IDLE IMAP4 LITERAL+ STARTTLS NAMESPACE IMAP4rev1
+
+
+author = "Brandon Enright"
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+
+categories = {"default", "safe"}
+
+
+portrule = shortport.port_or_service({143, 993}, {"imap", "imaps"})
+
+local function fail (err) return stdnse.format_output(false, err) end
+
+action = function(host, port)
+ local helper = imap.Helper:new(host, port)
+ local status = helper:connect()
+ if ( not(status) ) then return fail("Failed to connect to server") end
+
+ local status, capa = helper:capabilities(host, port)
+ if( not(status) ) then return fail("Failed to retrieve capabilities") end
+ helper:close()
+
+ if type(capa) == "table" then
+ -- Convert the capabilities table into an array of strings.
+ local capstrings = {}
+ local cap, args
+ for cap, args in pairs(capa) do
+ table.insert(capstrings, cap)
+ end
+ return table.concat(capstrings, " ")
+ elseif type(capa) == "string" then
+ stdnse.debug1("'%s' for %s", capa, host.ip)
+ return
+ else
+ return "server doesn't support CAPABILITIES"
+ end
+end