You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to build this you will need to spin up an instance of Haraka and wait for the "Listening" line in the output, and then start sending fuzzed SMTP commands.
FEEL FREE TO IGNORE THIS COMMENT
I was bored and wanted to try this, so I reimplemented the mentioned Ruby script to Python with PWN tools.
Probably will not be of any use. But it is pretty easy to implement using Python and the PWN toolkit. https://gist.github.com/PSSGCSim/db8a5ec165d00608415dafa9106b57f4
Create a fuzzing based test that stress tests Haraka's SMTP parsing engine to see if we can crash it.
This is a hacktoberfest ticket, so do not submit PRs until Oct 1st.
https://en.wikipedia.org/wiki/Fuzzing - for details on what fuzzing is.
In order to build this you will need to spin up an instance of Haraka and wait for the "Listening" line in the output, and then start sending fuzzed SMTP commands.
There's a ruby based SMTP fuzzer here that might be a useful starting point: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/fuzzers/smtp/smtp_fuzzer.rb
The text was updated successfully, but these errors were encountered: