CRAM-MD5 Authentication Test Tool
Usage
The cram-md5 tool calculates the CRAM-MD5 digest for SMTP-AUTH.
It is invoked as follows:
./cram-md5 <username> <password> <challenge>
The challenge is Base64 encoded, as returned by the server.
Sample Session
A sample session with an smtp server looks as follows: (lines marked
with "*" are entered by the client)
220 caraz.net-track.ch ESMTP
* EHLO client
250-caraz.net-track.ch
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-PIPELINING
250 8BITMIME
* AUTH CRAM-MD5
Here, the server will output the Base64-encoded challenge:
334 PDMyLjEzMjM0MTIzQG1haWxob3N0Pg==
This challenge can now be used by cram-md5 as follows:
./cram-md5 foo@baar PaZZword PDMyLjEzMjM0MTIzQG1haWxob3N0Pg==
:
:
base64 encoded: Zm9vQGJhYXIgM2I4YTc4ODZkNGYxNzFhNDIxMWZlODU5NDQ0MWZjZmI=
This result can now be entered into the SMTP server conversation:
* Zm9vQGJhYXIgM2I4YTc4ODZkNGYxNzFhNDIxMWZlODU5NDQ0MWZjZmI=
If the username and password is correct, the user is now
authenticated.
Credits
Copyright (C) 2003 Oliver Hitz <oliver@net-track.ch>
Platon Group <platon@platon.org> http://platon.org/
|