[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Vulnerability Report(No SPF Record)
From: |
Syed Maaz |
Subject: |
Vulnerability Report(No SPF Record) |
Date: |
Thu, 16 Feb 2023 19:21:14 -0000 |
Hey Team,
I am a security researcher,I have found this vulnerability related to your
website bash-hackers.org.
Description :
This report is about misconfigured spf record flag , which can be use
to abuse the organization by posing the identity ,
which allows to send fake mail by malicious actor on behalf of your
organization.
About the Issue :
As I have seen the SPF and TXT record for the bash-hackers.org
No valid SPF record found.
Valid SPF records prevent spammers from sending messages with bogus
From: addresses attached to your domain. You have no spf records spammers can
send phishing emails using emails registered on your domain.
so valid record should look like
:v=spf1 mx -all
Attack Scenario :
An attacker will send phishing mail or anything malicious mail to the
victim via mail :info@bash-hackers.org ,
even if the victim is aware of phishing attack ,
he will check the Origin email which will be info@bash-hackers.org ,
so he will be sure that its not fake mail and get trapped by attacker!
This can be done using any php mailer tool like this ,
<?php
$to = "VICTIM@example.com";$subject = "Password Change";
$txt = "Change your password by visiting here - [Malicious link here]";
$headers = "From: info@bash-hackers.org";
mail($to,$subject,$txt,$headers);
?>
You can check your SPF record form here :
http://www.kitterman.com/spf/validate.html !
Reference :
https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliabilityhave
a look on the digitalocean article for the better understanding !
Hoping for a bounty for responsibly disclosing this issue to your
website.
Regards
Syed Maaz
- Vulnerability Report(No SPF Record),
Syed Maaz <=