Pages

Monday, December 6, 2010

Email spoofing 1

E-mail spoofing is nothing but sending mail anonymous. Also you can send mail as coming from some one else  email. This is very old method. This is not a hack actually. When e-mail was introduced, people sent email only by this method. 

For this you need a SMTP server (Simple Mail Transfer Protocol). You can use any SMTP server. You can download one here. And install it in your machine. Actually a SMTP server will run in the port 25. That is the default port for any mail server.

After installing it, connect it via telnet in command prompt using the command "telnet 127.0.0.1 25". Here the IP address refers your own machine. If you type 127.0.0.1 IP from any machine, it will refer only the machine itself. And the 25 is port number. But most of the times Windows don't allow telnet. So it may automatically close. In this situation, use some telnet client. You can download one here. Its a free utility and also portable, so it doesn't need any installation. 
Run it. Fill the required field and open the connection with the SMTP server. And use the following commands in the order to send mail.

helo /any name/

This is just introducing you to the SMTP server. Here you can use any name. It won't affect the mail you are going send. It is just saying hello to the server.

mail from:/from address/

This is the from address of the mail. You can use any mail address. That will appear as the from address of the mail. There should be no space between the colon (:) and the from address.

rcpt to:/to address/

This is the receiver address. The mail will be delivered only to this address. Here also no space between colon and the to address. 

data

This is the data portion of the mail. You can add any number of header required in this part. All the headers will be in the format /header name/:/header value/. Also no space between the colon and the values. Each header should be typed in a separate line. After adding all the headers, give two line break (type enter for two times). Now type the message. After finishing the mail type ctrl and dot then again ctrl ( ctrl.ctrl ) to represent the end of the mail. The mail will be sent to the receptant address. Type exit to close the program.

eg:
  • helo hacker
  • mail from:billg@microsoft.com
  • rcpt to:kumaran.4353@gmail.com
  • data
    • sub:please help me
    • Mr.Balakumaran, Microsoft corporation is hacked by some hackers and all the control is now with them. Here we can't do anything. So please help our corporation to get out of the hand of those hackers. /ctrl/./ctrl/
  • exit

But the problem with this method, is nowadays many standard mail providers like Gmail are not accepting mails from all IP addresses. So most of the times your mail won't be sent. Also if sent, probably it will be saved in spam. So read the next post to overcome these problems.

No comments:

Post a Comment