Wednesday, 31 October 2012

e-mail spoofing.......

Well for past few days i was thinking of what to post next and then this came up. this is a bit higher level of breaking into some one's internet life.
It was a hard one to nail,dnt know what went wrong most of the times,but finally its tried and tested and i am too excited........
So here it comes , the real bummer EMAIL SPOOFING!!

would not it be nice if you just wanted to send a fake mail to your friend from Neil Armstrong(pure respect here) or mail your boss using a fake id just to keep the pressure out??
well, here's what might interest you.(only educationally,i dnt take responsibility of anything other).
EMAIL SPOOFING is actually a way of sending an email to a person pretending to be some one else, you could be sharapova once and federer the next moment. It comes real handy when planning a prank.
what we do is use MS TELNET* service to gain access as an alias and then sent a mail
so first thing first start our favourite cmd and type in telnet or u can directly type in telnet in the run dislog box
1. what we need is the address of a webserver that can be accessed to send our fake mail. For this go to centralops.net** and type in the server you want to use eg (yahoo,gmail.com ) in the domain dossier box
2. well now you have a table in front of you search for mx keyword and the exchange address associated with it. copy it. try to take the mx with the highest number.
3. Now is the time for action. In ur telnet screen type in o then the server address ( for eg:alt4.gmail-smtp-in.l.google.com)
and then 25. 25 is the simple mail transfer port(smtp) through which emails are genr\erally sent
4. now u must get a welcome msg starting with 220.
5. type in helo. now u must get a msg starting with 250
6. u must have got a greeting message now. and that tells u r in the server ready to send a mail.
7. type and type as it is . u do not get backspace in it,mistakes are permanent here.
8. first we drop in the sendrs address, MAIL FROM: <xyz@server.com> hit enter<obvious!> a msg starting with 250 will come
9. now the recipient . RCPT TO: <abc@server.com>. make sure the server is same as in step 3. a msg starting with 250 will come
10. now u type in "data"(no quotes). a msg with 354 will come.
11. type in the subject,sender,recipient and any thing u fancy in an email. leave a blank line(by hitting enter) to start a new line.
12. when done hit enter and . and then again enter.
13. ur mail must have been sent by now.

if u get any error try any other mx id
the thing is this that u can easily spam some one's account with it. over time e mail providers have found ways to keep e-mails clean. such mail are sent to spam register,and may have a warning attached to them
there are some modification required to steal cookies or passwords from emails
*telnet is actually a ms tool used to use a network. it is old school and have been to much exploited,but still is very handy
** another way of getting server id is
type nslookup in cmd
type" set type=mx"
type in the e-mail provider you would like
choose the mx id u need
hope this was helpful.


0 comments:

Post a Comment

waddya think?