Issues with smtp_web.py Source Email

[mikesiegel]

Hello,

I believe I'm running into some bugs in 5.4.2 with the smtp_web.py module.
User tracking is set to ON.

Test case is as follows:

1. Social-Engineering Attacks
2. Website Attack Vectors
3. Credential Harvester Attack Method
4. Site Cloner

Specify my IP and an example site www.google.com,

1. E-Mail Attack Single Email Address
   Enter in email,
2. Use your own server or open relay. No auth.

Running Sendmail=1.

Open relay option specifies:
Specify Open-Relay Option Here
if relay == '2':
user1 = raw_input(setprompt(["1"], "From address (ex: moo@example.com)"))
from_address = raw_input(setprompt(["1"], "The FROM NAME the user will see"))
if sendmail==0:
user = raw_input(setprompt(["1"], "Username for open-relay [blank]"))
pwd = getpass.getpass("Password for open-relay [blank]: ")

However user1 isnt used, if sendmail==1 the function is called line this on line 268

if sendmail == 1:
mailServer.sendmail,(user, to, msg.as_string())

As a result this will die:
Dec 13 16:59:06 kali sm-mta[22741]: rBDLx6Fi022741: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4

[trustedsec]

Thanks for the bug report, I believe I fixed this by specifying user = user1 to define what user is now. Let me know if it works, looks good on my Kali box but I don't have a destination to send it to that doesnt do reverse lookups.