SMTP Server illegal access failure

I took a look at the logs of my ad-hoc SMTP server (running on the main domain, sorescu.eu) and I noticed a series of denied authentications.

I did not understand what happened, but I saw the user and the password list encoded in Base64. After I collected all the encoded values, I was curious which credentials were tested. Below I present the application that I wrote to help me decode them, and the list of passwords used to log in.

Java Base64 decoder code:

Worth saying, before listing the password list:

  • the client presented itself as GOD-E49531CFA2A (really?!?);
  • the client was a bot that was simply dumping plain text to port 25, as it continued sending the spam mail without even checking that the access was denied;
  • my SMTP server and relay are the product of one sleepless night, but this test is a first realistic test of my server;
  • many more things remain to be implemented in the server, including white and black lists, and including changing the password to a strong one.
The password series is attached.

Base64Decoder.java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

// Reads Base64 lines from standard input and prints each decoded value.
public class Base64Decoder {
	public static void main(String[] args) throws IOException {
		BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
		// Stop at end of input (readLine returns null) or at the first empty line.
		for (String line = reader.readLine(); line != null && !line.isEmpty(); line = reader.readLine()) {
			byte[] decoded = Base64.getDecoder().decode(line.trim());
			System.out.println(new String(decoded, StandardCharsets.UTF_8));
		}
	}
}
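The decoder above handles one value at a time. As an added example (not the author's code), the sketch below goes one step further and audits a whole session: it pairs each decoded user name and password with the client's EHLO name and flags commands the client keeps sending after a 535 denial, which is the behaviour described in the notes above. It assumes the attempts used the AUTH LOGIN exchange and that the log marks client and server lines with "C:" and "S:"; the class name, the log format and the sample transcript are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.*;

public class AuthLoginAudit {
    // Constructed sample transcript; the "C:"/"S:" log format is an assumption.
    static final String[] SAMPLE = {
        "C: EHLO GOD-E49531CFA2A",
        "C: AUTH LOGIN",
        "S: 334 VXNlcm5hbWU6",            // Base64 for "Username:"
        "C: dGVzdA==",
        "S: 334 UGFzc3dvcmQ6",            // Base64 for "Password:"
        "C: dGVzdDEyMw==",
        "S: 535 Authentication failed",
        "C: MAIL FROM:<spam@example.test>",
    };

    // Decode one Base64 token; malformed input is reported instead of throwing.
    static String decode(String token) {
        try {
            return new String(Base64.getDecoder().decode(token.trim()), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) { return "<invalid base64: " + token + ">"; }
    }

    // Returns one finding per failed login and one per command sent after a denial.
    static List<String> audit(String[] lines) {
        List<String> findings = new ArrayList<>();
        String client = "?", user = null, pass = null;
        int prompts = 0;          // 334 prompts seen in the current AUTH LOGIN exchange
        boolean denied = false;   // true after a 535 until a successful 235
        for (String l : lines) {
            String body = l.substring(3);
            if (l.startsWith("S: 334")) { prompts++; }
            else if (l.startsWith("S: 535")) {
                findings.add(client + " failed login user=" + user + " pass=" + pass);
                denied = true; prompts = 0; user = pass = null;
            } else if (l.startsWith("S: 235")) { denied = false; prompts = 0; }
            else if (l.startsWith("C: ")) {
                if (body.matches("(?i)(EHLO|HELO) .*")) client = body.substring(5);
                else if (prompts == 1) user = decode(body);   // reply to first 334
                else if (prompts == 2) pass = decode(body);   // reply to second 334
                else if (denied && !body.toUpperCase().startsWith("AUTH"))
                    findings.add(client + " ignored denial, sent: " + body);
            }
        }
        return findings;
    }
    public static void main(String[] args) { audit(SAMPLE).forEach(System.out::println); }
}
```

On the sample transcript it reports one failed login for GOD-E49531CFA2A with user "test" and password "test123", followed by the MAIL FROM command sent after the denial.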
passwords.txt
oracle
oracle!@#$
oracle123
oracle1234
master
master!@#$
master123
master1234
server
server!@#$
server123
server1234
sybase
sybase!@#$
sybase123
sybase1234
root
root!@#$
root123
root1234
web
webmaster
webmaster!@#$
webmaster123
webmaster1234
web!@#$
web123
web1234
test
test!@#$
test123
test1234
user
user!@#$
user123
user1234
!@#$
!@#$%
!@#$%^
!@#$%^&
!@#$%^&*
1
111
123
1234
123456
654321
backup
backup!@#$
backup123
backup1234
admin
admin!@#$
admin123
admin1234
asdf
asdfgh
data
data!@#$
data123
data1234