Penetration Basics – Zimbra Version Detection

0x00 Preface

This article will introduce multiple methods for Zimbra version detection, implement automation via Python, record development details, and open-source the code.

0x01 Introduction

This article will cover the following content:

Implementation Ideas

Implementation Details

Open-Source Code

0x02 Implementation Ideas

There are many methods to check the Zimbra version, each with its own advantages and disadvantages; the specific methods are as follows:

1. Via Web Management Page

Access the 7071 management page via a browser; the current Zimbra version will be displayed on the main page.

For example, my test environment displays:

Zimbra Version: 9.0.0_GA_4273.NETWORK

The version obtained via this method is accurate.

2. By executing commands


Note:

For Zimbra patch updates, refer to:

https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/patch_installation

3. Via Zimbra SOAP API

In the default configuration, the zimbraSoapExposeVersion property is FALSE. Query command:

Return result:

After setting the zimbraSoapExposeVersion property to TRUE, the version can be obtained via the Zimbra SOAP API. The command to modify the property is:

Example of the sent SOAP format:

Return result under default configuration:

4. Via IMAP protocol


5. Via IMAP over SSL protocol


6. Via specific URL


0x03 Implementation Details

Of the detection methods above, three are implemented in the program so that it works across different environments: via the IMAP protocol, via the IMAP over SSL protocol, and via a specific URL.

1. Via IMAP protocol

Complete example code:


2. Via IMAP over SSL protocol

The IP address needs to be converted to a hostname, which is then used as the parameter. Example code:


Complete example code:


In some environments, converting IP to hostname fails, leading to an error: [Errno 11004] host not found, so the IMAP protocol is prioritized in the program's decision logic.

3. Via specific URL

Complete example code:


0x04 Open Source Code

The complete implementation code has been uploaded to GitHub at the following address:

https://github.com/3gstudent/Homework-of-Python/blob/master/Zimbra_GetVersion.py

The code first attempts to obtain version information via a specific URL, then reads version information via the IMAP protocol; if that fails, finally reads version information via the IMAP over SSL protocol.
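For an administrator inventorying their own servers, the fallback order described above and the version string format shown in 0x02 can be combined as follows. This is an added example, not the code from the linked repository: the probe callables are hypothetical and supplied by the caller, the regular expression is inferred from the single string 9.0.0_GA_4273.NETWORK on this page, and the baseline is whatever release the operator requires.

```python
import re
import socket
from typing import Callable, Dict, Iterable, List, NamedTuple, Optional, Tuple

# Layout inferred from the one string shown on this page: 9.0.0_GA_4273.NETWORK
_VERSION_RE = re.compile(
    r"(?P<major>\d+)\.(?P<minor>\d+)\.(?P<micro>\d+)"
    r"_(?P<stage>[A-Z]+\d*)_(?P<build>\d+)(?:\.(?P<edition>[A-Z]+))?")

class ZimbraVersion(NamedTuple):
    major: int
    minor: int
    micro: int
    stage: str
    build: int
    edition: Optional[str]

    def key(self) -> Tuple[int, int, int, int]:
        """Ordering key: release numbers first, then build number."""
        return (self.major, self.minor, self.micro, self.build)

def parse_version(text: str) -> Optional[ZimbraVersion]:
    """Return the first version string found in a page, banner or reply."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    return ZimbraVersion(int(m["major"]), int(m["minor"]), int(m["micro"]),
                         m["stage"], int(m["build"]), m["edition"])

Probe = Tuple[str, Callable[[], str]]  # (label, hypothetical fetch function)

def first_version(probes: Iterable[Probe]) -> Optional[Tuple[str, ZimbraVersion]]:
    """Try probes in order; a probe that raises OSError (socket.herror from a
    failed IP-to-hostname lookup, refused connection, timeout) is skipped."""
    for name, probe in probes:
        try:
            found = parse_version(probe())
        except OSError:
            continue
        if found is not None:
            return name, found
    return None

def below_baseline(inventory: Dict[str, ZimbraVersion],
                   baseline: ZimbraVersion) -> List[str]:
    """Hosts whose detected version sorts before the operator's baseline."""
    return sorted(h for h, v in inventory.items() if v.key() < baseline.key())

if __name__ == "__main__":
    def no_ptr() -> str:  # constructed stand-in for a failed reverse lookup
        raise socket.herror(11004, "host not found")
    print(first_version([("imaps", no_ptr),
                         ("admin", lambda: "Zimbra Version: 9.0.0_GA_4273.NETWORK")]))
```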

0x05 Summary

This article introduces multiple methods for Zimbra version detection, compares their advantages and disadvantages, selects effective methods and implements automation via Python, records development details, open-sources the code, and serves as a good learning example.