PaulDotCom mailing list archives
Spoofing emails
From: irongeek at irongeek.com (Adrian Crenshaw)
Date: Sat, 9 May 2009 12:10:41 -0400
I have an example here of doing it with Telnet/netcat: http://www.irongeek.com/i.php?page=security/webbugs Stuff in red is what you type: 220 mx.gmail.com ESMTP 70si2094099rnb helo me.somepalace.com 250 mx.gmail.com at your service MAIL FROM:<irongeek at iirongeek.com> 250 OK RCPT TO:<irongeek at ggmail.com> 250 OK DATA 354 Please start mail input. To:Irongeek From:Adrian Subject: Webbug test Mime-Version: 1.0; Content-Type: text/html; charset="ISO-8859-1"; Content-Transfer-Encoding: 7bit; <html> <body> <h2>Web Bug Test</h2> Here's a Web Bug Test! <BR> <img src="http://tux.irongeek.com/webbug.php?irongeek at gmail.com"> <img src="http://tux.irongeek.com/cgi-bin/webbug.cgi?irongeek at gmail.com"> </body> </html> . 250 Mail queued for delivery. quit 221 Closing connection. Good bye. Connection to host lost. On Sat, May 9, 2009 at 10:45 AM, Nathan Sweaney <NSweaney at tulsacash.com>wrote:
Other than Core, what's the best way to go about creating spoofed emails? I've been searching for awhile & I'm having a hard time finding much information. I know it can be done from most scripting languages, but are there any applications designed specifically to do this that allow you to create text or HTML emails with links and even attachments? Everybody talks about sending metasploit exploits to clients, but how are you actually doing it? On a similar note, a few months back I saw some research on a PDF that contained a ton of different exploits so that it could be successful on a wide range of adobe versions. Does anybody remember that or have links to it? Thanks -nathan *Nathan Sweaney* | Security Specialists - GPEN,GWART Tulsa Cash Register / Bottom Line Solutions (918.294.1777 x 311 | ?918.307.2071 | -NSweaney at tulsacash.com www.tulsacash.com Serving Oklahoma for *51* years. *Main Number 24 Hour Customer Support Line:* 918.294.1777 (Follow Prompts) *Notice:* This E-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. ??2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. P Please consider the environment before printing this email. _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090509/73fb0a9b/attachment.htm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 2765 bytes Desc: not available Url : http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090509/73fb0a9b/attachment.jpeg
Current thread:
- Openwrt and Cellphones Cody Dumont (May 08)
- Spoofing emails Nathan Sweaney (May 09)
- Spoofing emails Adrian Crenshaw (May 09)
- Spoofing emails natron (May 11)
- Spoofing emails Rob Fuller (May 11)
- Spoofing emails Robin Wood (May 11)
- Spoofing emails MV (May 11)
- Spoofing emails Dimitrios Kapsalis (May 11)
- Spoofing emails Russell Butturini (May 11)
- Spoofing emails Robin Wood (May 11)
- Spoofing emails Noah (May 13)
- Spoofing emails Jason Wood (May 13)
- Spoofing emails Jim Halfpenny (May 14)
- Spoofing emails Adrian Crenshaw (May 09)
- Spoofing emails Nathan Sweaney (May 09)