Abusing SMTP relays at the speed of the command line

If you are anything like me you are a heavy user of the backspace key. Which in most every case is no big deal. However if you are turning up a new SMTP relay onsite at a client or you are misusing one you found on an engagement you most definitely don’t have time for typos. Because as you know connecting to a relay over Telnet requires lazer precision and accuracy with every keystroke. One mistype and you are starting over from the beginning. This script is my answer to this problem. Now quickly I can test a relay without wasted time re typing the same thing over and over again. Simply copy the below script and save it as a .vbs script making sure to replace the relevant fields.

 

Set cloner = Createobject(“wscript.shell”)
cloner.run”cmd” ‘run cmd.exe
wscript.sleep 500

cloner.sendkeys”telnet smtpserveraddress 25″ ‘Example: telnet SMTP.gmail.com 587
cloner.sendkeys(“{ENTER}”)
wscript.sleep 1000

cloner.sendkeys”helo emaildomain.com” ‘Example: gmail.com
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500

cloner.sendkeys”MAIL FROM: attacker@emaildomain.com” ‘Example: email@gmail.com
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500

cloner.sendkeys”RCPT TO: anyone@email.com ” ‘Example: email2@gmail.com
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500

cloner.sendkeys”DATA”
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500

cloner.sendkeys”SUBJECT: SMTP over Telnet test”
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500

cloner.sendkeys”Test performed by SMTP over Telnet a script by Jordon Lovik”
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500

cloner.sendkeys”.”
cloner.sendkeys(“{ENTER}”)
wscript.sleep 500

cloner.sendkeys”QUIT”
wscript.sleep 5000
cloner.sendkeys(“{ENTER}”)
wscript.sleep 5000

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: