Skip to content
Nuclei Templates

POP3 Capabilities - Enumeration

ID: pop3-capabilities-enum

Severity: info

Author: pussycat0x,daffainfo

Tags: js,network,pop3,enum

Description

Section titled “Description”

POP3 capabilities are defined in RFC 2449. The CAPA command allows a client to ask a server what commands it supports and possibly any site-specific policy. Besides the list of supported commands, the IMPLEMENTATION string giving the server version may be available.

YAML Source

Section titled “YAML Source”
id: pop3-capabilities-enum


info:
  name: POP3 Capabilities - Enumeration
  author: pussycat0x,daffainfo
  severity: info
  description: |
    POP3 capabilities are defined in RFC 2449. The CAPA command allows a client to ask a server what commands it supports and possibly any site-specific policy. Besides the list of supported commands, the IMPLEMENTATION string giving the server version may be available.
  reference:
    - https://nmap.org/nsedoc/scripts/pop3-capabilities.html
  metadata:
    verified: true
    max-request: 1
    shodan-query: "port:110"
  tags: js,network,pop3,enum


javascript:
  - pre-condition: |
      isPortOpen(Host,Port);
    code: |
      let data = "CAPA\r\n"
      let c = require("nuclei/net");
      let conn = c.Open('tcp', `${Host}:${Port}`);
      conn.Send(data);
      let result = conn.RecvString();
      Export(result);


    args:
      Host: "{{Host}}"
      Port: 110


    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "success == true"


      - type: regex
        regex:
          - '\+OK.*'


      - type: word
        words:
          - "HTTP/1.1"
        negative: true


    extractors:
      - type: dsl
        dsl:
          - replace_regex(replace_regex(response, "\\+OK.*\\r\\n\\+OK.*\\r\\n", ""), "\\r\\n", " ")
# digest: 4b0a00483046022100c957357d15f462455be496c73e8f89fd07074ad81a2cca56f34892c76b9c8e8b022100a528a75c198f442f00c7291208c698a0e4a84e721f509aca879076d5b69ee63f:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "javascript/enumeration/pop3/pop3-capabilities-enum.yaml"

View on Github