Merge pull request #8318 from ricardomaia/exim-detect

Exim Detect template
projectdiscovery · Oct 5, 2023 · 5796b6b · 5796b6b
2 parents d5563a2 + e81bf51
commit 5796b6b
Showing 1 changed file with 37 additions and 0 deletions.
diff --git a/network/detection/exim-detect.yaml b/network/detection/exim-detect.yaml
@@ -0,0 +1,37 @@
+id: exim-detect
+
+info:
+  name: Exim - Detect
+  author: ricardomaia
+  severity: info
+  description: |
+    Exim can accept messages from remote hosts using SMTP over TCP/IP, and as well as from local processes. It handles local deliveries to mailbox files or to pipes attached to commands, as well as remote SMTP deliveries to other hosts.
+  reference:
+    - https://www.exim.org/docs.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cwe-id: CWE-200
+  metadata:
+    verified: true
+    shodan-query: product:"Exim smtpd"
+  tags: network,detect,smtp,mail,exim
+
+tcp:
+  - inputs:
+      - data: "\n"
+
+    host:
+      - "{{Hostname}}"
+    port: 587
+
+    matchers:
+      - type: word
+        words:
+          - "ESMTP Exim"
+
+    extractors:
+      - type: regex
+        group: 1
+        name: version
+        regex:
+          - '(?i)SMTP.Exim\s?([\w.]+)'