NNTP (Network News Transfer Protocol) #
At a Glance #
Default Ports
- NNTP: 119
- NNTPS (NNTPS over TLS): 563
- NNSP (server-server bulk transfer): 433
NNTP is an application-layer protocol used for transporting Usenet news articles between news servers. Client applications can also inquire, retrieve, and post articles.
Banner Grabbing #
Telnet #
telnet 10.0.0.3 119
Netcat #
nc -n 10.0.0.3 119
openssl 1 #
openssl s_client -crlf -connect 10.0.0.3:563
Parameters
s_client: SSL/TLS client program.-crlf: translate a line feed from the terminal intoCR+LF.
Commands #
Various commands allow clients to retrieve, send, and post articles. The difference between send and post is that the latter involves articles with incomplete header information.
NNTP also provides
active and passive news transfer,
or “pushing” and “pulling” respectively.
When pushing,
the client offers an article through IHAVE <message_id>.
When pulling,
the client requests a list of available articles
for the specified date
through NEWNEWS <YYMMDD> <HHMMSS>.
Several commands also allow clients to retrieve the article header and body separately, or even single header lines from a range of articles. 2
Note:
NNTP commands responses always end with a period (.) on a line by itself.
CAPABILITIES List server capabilities.
HELP Show available commands.
MODE READER Use Reader mode. Reader mode uses a lot of commands, use HELP.
LIST List groups.
SELECT <group> Select group.
LISTGROUP <group> List article in a group.
HEAD <article_id> Retrieve article header.
BODY <article_id> Retrieve article body.
ARTICLE <article_id> Retrieve article.
POST Post article.
NNTP Exploits Search #
Refer to Exploits Search
OpenSSL Foundation, Inc. “/Docs/Manmaster/Man1/Openssl.Html.” OpenSSL.Org, https://www.openssl.org/docs/manmaster/man1/openssl.html. ↩︎
“22. NNTP and the Nntpd Daemon - Linux Network Administrator’s Guide, Second Edition [Book].” O’Reilly Online Learning, O’Reilly Media, Inc., https://www.oreilly.com/library/view/linux-network-administrators/1565924002/ch22.html. ↩︎