If you have ever wondered how spammers send you e-mails masquerading as your friends, the answer is that e-mail spoofing is very easy to do. You can try it yourself. Here are the steps:
1. First you need to find a mail exchange server. This can be done using the nslookup tool, which is available on both Linux and Windows. Here I'm using my Ubuntu machine for the task.
type 'nslookup'
This will bring up the nslookup CLI. Now we need to tell nslookup the type of server we're looking for, which is the mail exchange (MX).
type 'set type=mx'
Then we need to tell it which domain we're looking into. You can try any domain you like, but make sure the domain does not require authentication over telnet (which rules out yahoo.com, gmail.com, hotmail.com and other webmail providers). In this example, I'm looking for MX servers inside my own domain, lifutushi.com.
type '(domain name)'
This will give you the list of MX servers inside that domain.

2. Now that you have a mail exchange server, telnet into it through port 25.
type 'telnet (MX server URL/IP address) 25'
If you can't telnet into the mail exchange server, that means the server requires authentication or you're behind a firewall that blocks port 25. In the former case, you can try different servers. In the latter case, you need to change your firewall permissions. The easiest thing to do is to install an MX server on your own PC.
3. Once the telnet connection is established, you can start writing your e-mail.
Now, here you need to know or have a list of commands for using SMTP. The list can be found here:
http://www.freesoft.org/CIE/RFC/821/15.htm . But for simple mail, you can just follow my example in this picture.
MAIL FROM: the e-mail address you want the receiver to think you're sending from
RCPT TO: your receiver
DATA use this to start writing your email
DATE: the date that will be shown in the header
FROM: similar to MAIL FROM, but this will be shown in the header
TO: similar to RCPT TO, but this will be shown in the header
SUBJECT: the email title shown in the header
The body of your email goes after SUBJECT
End your DATA with Enter.Enter (read: enter-dot-enter)
To exit from telnet, just type 'quit'
We're done. Depending on the MX server configuration, your mail might be sent immediately, or put into a queue first and delivered later.
Easy, isn't it?
Now, the question is, how do we know that an e-mail from a friend is actually legit? Just read the full header! It solves all the mystery :)
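Reading the full header can be partly automated. The following is an added example, not part of the original post: it parses the full headers of a constructed message and lists the mismatches that give away a spoofed From line. All addresses, host names and the `spoof_signals` helper are made up for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the visible From does not match the envelope sender
# (Return-Path) or the host that actually handed the mail to our server.
SAMPLE = """\
Return-Path: <bulk@mailer.example.net>
Received: from unknown-host.example.net (unknown-host.example.net [203.0.113.7])
\tby mx.recipient.example with SMTP id abc123; Mon, 01 Jan 2024 10:00:00 +0000
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
Date: Mon, 01 Jan 2024 10:00:00 +0000
From: "Your Friend" <friend@friend.example>
To: you@recipient.example
Subject: hello

body
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoof_signals(raw):
    """List reasons the visible From header should not be taken at face value."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    signals = []
    # Return-Path records the MAIL FROM address used in the SMTP session.
    env_dom = domain_of(msg["Return-Path"])
    if env_dom and env_dom != from_dom:
        signals.append(f"envelope sender domain {env_dom} != From domain {from_dom}")
    # The topmost Received header is the one written by our own server.
    received = msg.get_all("Received") or []
    if received:
        sender_part = " ".join(received[0].split()).split(" by ")[0].lower()
        if from_dom not in sender_part:
            signals.append("delivering host is not in the From domain")
    # SPF/DKIM verdicts recorded by the receiving server, if present.
    auth = (msg["Authentication-Results"] or "").lower()
    for check in ("spf", "dkim"):
        if f"{check}=pass" not in auth:
            signals.append(f"{check} did not pass")
    return signals

if __name__ == "__main__":
    print("\n".join(spoof_signals(SAMPLE)))
```

Legitimate mailing lists and bulk senders also produce envelope and host mismatches, so treat each signal as a reason to look closer, not as proof. Only the headers added by your own receiving server can be trusted, since everything below them is supplied by the sender.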
That's all for now.
Posted by Ariff Abdullah at 11:42 • Labels: geek, hacking, L, tech