Land rapid7#7721, better smtp connection error messages

Author: sgonzalez-r7

lib/msf/core/exploit/smtp_deliver.rb

@@ -107,7 +107,12 @@ def connect_login(global = true)
           # Have to double the username.  SMTP auth is weird
           user = "#{datastore["USERNAME"]}\0" * 2
           auth = Rex::Text.encode_base64("#{user}#{datastore["PASSWORD"]}")
-          raw_send_recv("AUTH PLAIN #{auth}\r\n", nsock)
+          res = raw_send_recv("AUTH PLAIN #{auth}\r\n", nsock)
+          unless res[0..2] == '235'
+            print_error("Authentication failed, quitting")
+            disconnect(nsock)
+            raise RuntimeError.new 'Could not authenticate to SMTP server'
+          end
         else
           print_status("Server requested auth and no creds given, trying to continue anyway")
         end
@@ -117,7 +122,12 @@ def connect_login(global = true)
           auth = Rex::Text.encode_base64("#{datastore["PASSWORD"]}")
           raw_send_recv("AUTH LOGIN\r\n",nsock)
           raw_send_recv("#{user}\r\n",nsock)
-          raw_send_recv("#{auth}\r\n",nsock)
+          res = raw_send_recv("#{auth}\r\n",nsock)
+          unless res[0..2] == '235'
+            print_error("Authentication failed, quitting")
+            disconnect(nsock)
+            raise RuntimeError.new 'Could not authenticate to SMTP server'
+          end
         else
           print_status("Server requested auth and no creds given, trying to continue anyway")
         end
@@ -157,34 +167,37 @@ def send_message(data)
     end
 
     raw_send_recv("MAIL FROM: <#{datastore['MAILFROM']}>\r\n", nsock)
-    raw_send_recv("RCPT TO: <#{datastore['MAILTO']}>\r\n", nsock)
-
-    resp = raw_send_recv("DATA\r\n", nsock)
-
-    # If the user supplied a Date field, use that, else use the current
-    # DateTime in the proper RFC2822 format.
-    if datastore['DATE'].present?
-      date = "Date: #{datastore['DATE']}\r\n"
-    else
-      date = "Date: #{DateTime.now.rfc2822}\r\n"
-    end
+    res = raw_send_recv("RCPT TO: <#{datastore['MAILTO']}>\r\n", nsock)
+    if res[0..2] == '250'
+      resp = raw_send_recv("DATA\r\n", nsock)
+
+      # If the user supplied a Date field, use that, else use the current
+      # DateTime in the proper RFC2822 format.
+      if datastore['DATE'].present?
+        date = "Date: #{datastore['DATE']}\r\n"
+      else
+        date = "Date: #{DateTime.now.rfc2822}\r\n"
+      end
 
-    # If the user supplied a Subject field, use that
-    subject = nil
-    if datastore['SUBJECT'].present?
-      subject = "Subject: #{datastore['SUBJECT']}\r\n"
-    end
+      # If the user supplied a Subject field, use that
+      subject = nil
+      if datastore['SUBJECT'].present?
+        subject = "Subject: #{datastore['SUBJECT']}\r\n"
+      end
 
-    # Avoid sending tons of data and killing the connection if the server
-    # didn't like us.
-    if not resp or not resp[0,3] == '354'
-      print_error("Server refused our mail")
+      # Avoid sending tons of data and killing the connection if the server
+      # didn't like us.
+      if not resp or not resp[0,3] == '354'
+        print_error("Server refused our mail")
+      else
+        full_msg = ''
+        full_msg << date unless data =~ /date: /i
+        full_msg << subject unless subject.nil? || data =~ /subject: /i
+        full_msg << data
+        send_status = raw_send_recv("#{full_msg}\r\n.\r\n", nsock)
+      end
     else
-      full_msg = ''
-      full_msg << date unless data =~ /date: /i
-      full_msg << subject unless subject.nil? || data =~ /subject: /i
-      full_msg << data
-      send_status = raw_send_recv("#{full_msg}\r\n.\r\n", nsock)
+      print_error "Server refused to send to <#{datastore['MAILTO']}>"
     end
 
     if not already_connected