Do it yourself to do QQ Trojan ---- Mail Send

zhaozj2021-02-16  47


In the past, email systems were written to the standard SMTP protocol. Now, to curb the flood of spam more effectively, all major email providers in China have begun to design their e-mail send and receive services around ESMTP. Sending an email requires the user to authenticate; if the account or password is incorrect, the ESMTP server refuses to send the message and returns a 553 error code. By analyzing the protocol I worked out how to send email this way, and it can be done easily with Visual Basic.

One: Authentication method

ESMTP (Extended SMTP) is an authenticated mail transmission method: a security authentication service that the mail server provides so that only legitimate users of the system can use it, which keeps others from using the system to distribute spam or for other improper purposes. It differs from traditional SMTP in two main ways:

1. It supports encoding in 8-bit MIME format.

2. It supports user identity verification.

The only addition is a user authentication step. After verification, the mail delivery process is the same as in traditional SMTP. For the user's convenience, most ESMTP servers inherit the account and password settings of the POP3 server, which means that sending and receiving email use the same account and password.

According to the [RFC 2554] specification, SMTP authentication is implemented mainly by the AUTH command. The AUTH command supports a variety of authentication mechanisms, chiefly LOGIN and CRAM-MD5 [Note 1]. LOGIN should be supported by most free mail servers; Netease and Sina support it. The following mainly introduces the LOGIN mechanism; for other mechanisms, modify the procedure according to the corresponding RFC specification.

The challenge-response process of the LOGIN method is as follows (S: indicates what the server returns, C: indicates what the client sends):

1. C: AUTH LOGIN

2. S: 334 dXNlcm5hbWU6 // dXNlcm5hbWU6 is the Base64 encoding of "username:"

3. C: dXNlcm5hbWU6

4. S: 334 cGFzc3dvcmQ6 // cGFzc3dvcmQ6 is the Base64 encoding of "password:"

5. C: cGFzc3dvcmQ6

6. S: 235 Authentication successful.

(1). The client sends the authentication command to the server.

(2). The server returns a Base64-encoded string with success code 334. Decoded, the string is "username:", which asks the client to send the user name.

(3). The client sends the user name encoded with Base64; here it is "username:".

(4). The server returns a Base64-encoded string with success code 334. Decoded, the string is "password:", which asks the client to send the user password.

(5). The client sends the password encoded with Base64; here it is "password:".

(6). On success the server returns code 235, indicating that authentication succeeded and mail can be sent.
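The exchange above protects nothing on the wire, because Base64 is reversible without a key. As an added example (not code from the original article), this C++ routine audits a session log written in the same C:/S: notation and reports whether AUTH LOGIN was used without a preceding STARTTLS; the AuthFinding struct, the function names, the log layout and the sample session are assumptions of this example.

```cpp
#include <cctype>
#include <sstream>
#include <string>

struct AuthFinding {            // result of auditing one session log
    bool auth_login = false, starttls_first = false, accepted = false;
    std::string user, pass;     // decoded client replies
};
// Base64 is an encoding, not encryption: decoding needs no key.
std::string b64_decode(const std::string& in) {
    static const std::string tbl =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    std::string out;
    unsigned acc = 0;
    int bits = 0;
    for (char c : in) {
        std::size_t v = tbl.find(c);
        if (v == std::string::npos) break;   // '=' padding or junk ends the data
        acc = (acc << 6) | static_cast<unsigned>(v);
        if ((bits += 6) >= 8) { bits -= 8; out += static_cast<char>((acc >> bits) & 0xFF); }
    }
    return out;
}
// Walk a log in "C: ..." / "S: ..." form (layout assumed by this example).
AuthFinding audit(const std::string& log) {
    AuthFinding f;
    std::istringstream ss(log);
    std::string line;
    int step = 0;               // 1: next client line is the user, 2: the password
    while (std::getline(ss, line)) {
        if (line.size() < 4 || line[1] != ':') continue;
        const bool client = (line[0] == 'C');
        std::string msg = line.substr(3), up;
        for (char c : msg) up += static_cast<char>(std::toupper(static_cast<unsigned char>(c)));
        if (!client) { if (f.auth_login && msg.compare(0, 3, "235") == 0) f.accepted = true; }
        else if (up == "STARTTLS") { if (!f.auth_login) f.starttls_first = true; }
        else if (up == "AUTH LOGIN") { f.auth_login = true; step = 1; }
        else if (step == 1) { f.user = b64_decode(msg); step = 2; }
        else if (step == 2) { f.pass = b64_decode(msg); step = 0; }
    }
    return f;
}
// True when the credentials were readable by anyone observing the session.
bool cleartext_credentials(const AuthFinding& f) { return f.auth_login && !f.starttls_first; }

// Constructed sample session (not a real capture).
const char kSample[] =
    "S: 220 mail.example.test ESMTP\nC: HELO client.example.test\nS: 250 OK\n"
    "C: AUTH LOGIN\nS: 334 dXNlcm5hbWU6\nC: YWxpY2U=\n"
    "S: 334 cGFzc3dvcmQ6\nC: czNjcjN0\nS: 235 Authentication successful\n";
```

A session flagged by cleartext_credentials should be moved to a TLS-protected submission port or have AUTH refused until STARTTLS has completed.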

Two: Base64 encoding principle (from the VisualC board of the BBS Shuimu Tsinghua station)

Base64 encoding converts three 8-bit bytes into four 6-bit units (3 * 8 = 4 * 6 = 24). Each of the four units is still stored as an 8-bit byte, but its two high bits are set to 0. With only 6 significant bits, the value range is 0 to 2^6 - 1, i.e. 63, so every unit produced by Base64 encoding has a value in the range 0 ~ 63.

The ASCII codes 0 ~ 63 include many invisible characters, so a mapping is applied. The mapping table is:

'A' ~ 'Z' -> 0 ~ 25

'a' ~ 'z' -> 26 ~ 51

'0' ~ '9' -> 52 ~ 61

'+' -> 62

'/' -> 63

In this way 3 8-bit bytes are converted into 4 visible characters.

The specific byte-splitting method is shown below (the drawing is rough; just get the idea :-)):

aaaaaabb ccccdddd eeffffff    // a, b, c, d, e, f are really 1 or 0; letters are used so the groups are easy to see
~~~~~~~~ ~~~~~~~~ ~~~~~~~~
byte 1   byte 2   byte 3
            ||
            \/
00aaaaaa 00bbcccc 00ddddee 00ffffff

Note: the top row is the original three-byte sequence; the bottom row is the four Base64-encoded bytes, each with its first two bits set to 0.

When splitting this way, the number of bytes in the original text should be a multiple of 3. When this condition is not met, the input is padded with all-zero bytes and the corresponding positions in the Base64 output are replaced with "=". This is why some Base64 strings end with one or two equal signs. There are at most two equal signs because: if f(origin) denotes the number of bytes of the original text and f(remain) denotes the remainder, then

f(remain) = f(origin) MOD 3

holds. Therefore f(remain) can only take the values 0, 1, 2.

Let n = [f(origin) - f(remain)] / 3.

When f(remain) = 0, the input converts to exactly 4 * n bytes of Base64 encoding.

When f(remain) = 1, the one leftover original byte is split across two Base64-encoded bytes; to make the Base64 output length a multiple of 4, two equal signs are added.

When f(remain) = 2, the two leftover original bytes are split across three Base64-encoded bytes; likewise, one equal sign is added.
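The split and padding rules above, written out as an added C++ example (this is not the CBase64 class used later in the article, whose source the page does not show). The function name b64_encode and the table name kB64 are chosen for this example; remain corresponds to f(remain) in the text.

```cpp
#include <cstddef>
#include <string>

// Mapping table: value 0..63 -> visible character.
static const char kB64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

std::string b64_encode(const std::string& in) {
    std::string out;
    const std::size_t remain = in.size() % 3;      // f(remain) = f(origin) MOD 3
    const std::size_t full = in.size() - remain;   // 3 * n bytes that split evenly
    for (std::size_t i = 0; i < full; i += 3) {
        const unsigned b1 = static_cast<unsigned char>(in[i]);
        const unsigned b2 = static_cast<unsigned char>(in[i + 1]);
        const unsigned b3 = static_cast<unsigned char>(in[i + 2]);
        out += kB64[b1 >> 2];                          // 00aaaaaa
        out += kB64[((b1 & 0x03) << 4) | (b2 >> 4)];   // 00bbcccc
        out += kB64[((b2 & 0x0F) << 2) | (b3 >> 6)];   // 00ddddee
        out += kB64[b3 & 0x3F];                        // 00ffffff
    }
    if (remain == 1) {
        // One leftover byte fills two output characters; pad with "==".
        const unsigned b1 = static_cast<unsigned char>(in[full]);
        out += kB64[b1 >> 2];
        out += kB64[(b1 & 0x03) << 4];                 // low bits are the zero fill
        out += "==";
    } else if (remain == 2) {
        // Two leftover bytes fill three output characters; pad with "=".
        const unsigned b1 = static_cast<unsigned char>(in[full]);
        const unsigned b2 = static_cast<unsigned char>(in[full + 1]);
        out += kB64[b1 >> 2];
        out += kB64[((b1 & 0x03) << 4) | (b2 >> 4)];
        out += kB64[(b2 & 0x0F) << 2];                 // low bits are the zero fill
        out += '=';
    }
    return out;
}
```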

Three: Mail format

This is the message content entered after the server asks for DATA. If the mail format does not match what the server requires, the server refuses to send the message and returns 441, meaning that some header fields do not meet the server's requirements.

Each header line begins with a field name, then a colon, then the field body, and ends with the sequence that marks the end of the line. The following header fields are required:

Date: the time and date when the message was created

From, or Sender and From: the mailbox of the user sending the message

To, Cc (carbon copy) or Bcc (blind carbon copy): the mailboxes of the users the message is to be sent to

The other header fields are optional, such as Return-Path, Reply-To, References, Keywords, Subject, Comments, Encrypted, etc.; they are not explained here.
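A checker for the header rules just listed, as an added example that is not part of the original article. The function name check_message and the sample messages are assumptions of this example; the empty line between header and body is the standard RFC 822 separator, which the text above does not spell out.

```cpp
#include <algorithm>
#include <cctype>
#include <set>
#include <string>
#include <vector>

// Lower-case a field name; header field names are case-insensitive.
static std::string lower(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return s;
}

// Return the problems found in a DATA payload: every header line must be
// "name: body" + CRLF, an empty line must precede the body, and Date, From
// and one of To/Cc/Bcc must be present.
std::vector<std::string> check_message(const std::string& data) {
    std::vector<std::string> problems;
    std::set<std::string> seen;
    std::size_t pos = 0;
    bool blank_line = false;
    while (pos < data.size()) {
        const std::size_t eol = data.find("\r\n", pos);
        if (eol == std::string::npos) { problems.push_back("header line without CRLF"); break; }
        const std::string line = data.substr(pos, eol - pos);
        pos = eol + 2;
        if (line.empty()) { blank_line = true; break; }      // end of the header block
        if (line[0] == ' ' || line[0] == '\t') continue;     // folded continuation line
        const std::size_t colon = line.find(':');
        if (colon == std::string::npos || colon == 0) {
            problems.push_back("malformed header: " + line);
            continue;
        }
        seen.insert(lower(line.substr(0, colon)));
    }
    if (!blank_line) problems.push_back("no empty line between header and body");
    if (!seen.count("date")) problems.push_back("missing Date");
    if (!seen.count("from")) problems.push_back("missing From");
    if (!seen.count("to") && !seen.count("cc") && !seen.count("bcc"))
        problems.push_back("missing To/Cc/Bcc");
    return problems;
}

// Constructed samples (addresses are placeholders).
const char kGood[] = "Date: Tue, 17 Sep 2002 10:00:00 +0800\r\nFrom: a@example.test\r\n"
                     "To: b@example.test\r\nSubject: hi\r\n\r\nhello\r\n";
const char kBad[] = "From: a@example.test\r\nTo: b@example.test\r\nhello\r\n";
```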

This program uses the CSMTP_FZ class to send mail; its member function InitContent formats the DATA payload as follows:

void CSMTP_FZ::InitContent()
{
    CTime time = CTime::GetCurrentTime();
    CString strContent[5];

    // Sender
    strContent[0].Format("From: %s\r\n", (LPCSTR)m_mailmsg.mail_from_address);
    // Time. This layout is not the RFC 822 date-time form, so a strict server may reject it.
    strContent[1].Format("Date: %s\r\n",
        (LPCSTR)time.Format("%a, %b %d, %I:%M:%S, %Y"));
    // Recipient
    strContent[2].Format("To: %s\r\n", (LPCSTR)m_mailmsg.mail_to_address);
    // Subject
    strContent[3].Format("Subject: %s\r\n", (LPCSTR)m_mailmsg.mail_subject);
    // Body text; the leading empty line ("\r\n") ends the header block
    strContent[4].Format("\r\n%s\r\n", (LPCSTR)m_mailmsg.mail_content);

    m_strContent = strContent[0] + strContent[1] + strContent[2] +
                   strContent[3] + strContent[4];
    return;
}

m_strContent is a member variable of the CSMTP_FZ class that stores the data to be sent.

Four: Mail Send

BOOL CSMTP_FZ::SendMail()
{
    InitContent();

    CSocket socket;
    CString str, strResponse;
    CBase64 base64;

    if (!socket.Create())
        return FALSE;

    if (socket.Connect(m_mailmsg.mail_server_name, m_mailmsg.mail_server_port))
    {
        CSocketFile file(&socket);
        CArchive arIn(&file, CArchive::load | CArchive::bNoFlushOnDelete);
        CArchive arOut(&file, CArchive::store | CArchive::bNoFlushOnDelete);

        while (TRUE)
        {
            // SMTP server ready
            arIn.ReadString(strResponse);
            if ("220" != strResponse.Left(3)) break;

            // Say hello to the mail server. RFC 2554 expects EHLO before AUTH;
            // HELO is used here because this loop reads single-line replies only.
            CString strTemp;
            gethostname(strTemp.GetBuffer(256), 256);
            strTemp.ReleaseBuffer();
            str.Format("HELO %s\r\n", (LPCSTR)strTemp);
            arOut.WriteString(str); arOut.Flush();
            arIn.ReadString(strResponse);
            if ("250" != strResponse.Left(3)) break;

            // Authentication
            str = "AUTH LOGIN\r\n";
            arOut.WriteString(str); arOut.Flush();
            arIn.ReadString(strResponse);
            if ("334" != strResponse.Left(3)) break;

            // Encode the characters of the account name. The length must be the
            // string length: sizeof() gives the size of the object instead.
            str = base64.Encode((LPCSTR)m_mailmsg.mail_account,
                                strlen((LPCSTR)m_mailmsg.mail_account));
            str += "\r\n";
            arOut.WriteString(str); arOut.Flush();
            arIn.ReadString(strResponse);
            if ("334" != strResponse.Left(3)) break;

            str = base64.Encode((LPCSTR)m_mailmsg.mail_password,
                                strlen((LPCSTR)m_mailmsg.mail_password));
            str += "\r\n";
            arOut.WriteString(str); arOut.Flush();
            arIn.ReadString(strResponse);
            if ("235" != strResponse.Left(3)) break;

            // MAIL FROM command
            str.Format("MAIL FROM:<%s>\r\n", (LPCSTR)m_mailmsg.mail_from_address);
            arOut.WriteString(str); arOut.Flush();
            arIn.ReadString(strResponse);
            if ("250" != strResponse.Left(3)) break;

            // RCPT TO command
            str.Format("RCPT TO:<%s", (LPCSTR)m_mailmsg.mail_to_address);
            str += ">\r\n";
            arOut.WriteString(str); arOut.Flush();
            arIn.ReadString(strResponse);
            strResponse = strResponse.Left(3);
            if (("250" != strResponse) && ("251" != strResponse)) break;

            // DATA command
            arOut.WriteString("DATA\r\n"); arOut.Flush();
            arIn.ReadString(strResponse);
            strResponse = strResponse.Left(3);
            if (("250" != strResponse) && ("354" != strResponse)) break;

            // Send data. Dot-stuffing (. -> .., .. -> ...): every line that starts
            // with "." gets one more ".", so it cannot be read as the end-of-data line.
            CString strBuffer;
            strBuffer = m_strContent;
            if ((!strBuffer.IsEmpty()) && ('.' == strBuffer[0]))
                strBuffer = '.' + strBuffer;
            strBuffer.Replace("\r\n.", "\r\n..");
            str = strBuffer;
            arOut.WriteString(str);
            arOut.WriteString(".\r\n"); arOut.Flush();
            arIn.ReadString(strResponse);
            if ("250" != strResponse.Left(3)) break;

            // QUIT command
            arOut.WriteString("QUIT\r\n"); arOut.Flush();
            arIn.ReadString(strResponse);
            return TRUE;
        }
    }
    else
    {
        str.Format("SMTP host %s can't be reached.", (LPCSTR)m_mailmsg.mail_server_name);
        MessageBox(NULL, str, "Error", MB_OK);
        return FALSE;
    }

    MessageBox(NULL, "Connection is reset.", "Error", MB_OK);
    return FALSE;
}

Reference:

<< Email >> 2002-09-17 · Liu Jing · YESKY with VB design
