Sunday, January 18, 2015

SPOOFING: Email Spoofing


SPOOFING

In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. Spoofing is when a spammer sends out emails using your email address in the From: field. The idea is to make it seem like the message is from you – in order to trick people into opening it.

The main topic area in which spoofing is done are:
  • Email Spoofing
  • IP Spoofing
  • Caller ID Spoofing
  • Poisoning of File-Sharing Networks
  • GPS Spoofing
  • Protocol Spoofing
  • Website Spoofing

EMAIL SPOOFING

Email Spoofing is a creation of Email messages with a forgery of an email header so that the message appear to be originated from somewhere or someone with other than the original or actual source. Phishing and Spam Emails use Email spoofing to mislead the recipient about the origin of the message. However spoofing is illegal.

Forging an e-mail header to make it appear as if it came from somewhere or someone other than the actual source. The main protocol that is used when sending e-mail - SMTP - does not include a way to authenticate. There is an SMTP service extension that allows an SMTP client to negotiate a security level with a mail server. But if this precaution is not taken anyone with the know-how can connect to the server and use it to send spoofed messages by altering the header information.


The main Protocol that is used is used when sending Email is Simple Mail Transfer Protocol (SMTP). The main protocol used in sending e-mail, does not include an authentication mechanism. A number of measures to address spoofing are available including SPF, SenderID,  DKIM and DMARC.  Although their use is increasing. 

THE PROBLEM

If you receive a snail mail letter, you look to the return address in the top left corner as an indicator of where it originated. However, the sender could write any name and address there; you have no assurance that the letter really is from that person and address. E-mail messages contain return addresses, too – but they can likewise be deliberately misleading, or “spoofed.”  Senders do this for various reasons, including:
 
  • The e-mail is spam and the sender doesn’t want to be subjected to anti-spam laws
  • The e-mail constitutes a violation of some other law (for example, it is threatening or harassing) 
  • The e-mail contains a virus or Trojan and the sender believes you are more likely to open it if it appears to be from someone you know
  • The e-mail requests information that you might be willing to give to the person the sender is pretending to be (for example, a sender might pose as your company’s system administrator and ask for your network password), as part of a “social engineering” attack
  • The sender is attempting to cause trouble for someone by pretending to be that person (for example, to make it look as though a political rival or personal enemy said something he/she didn’t in an e-mail message)

Now we will start the Email Spoofing:

STEP 1:

Download the script file: Emailspoofing



STEP 2:

Upload this Script this script to any of this free web hosting.

Some of the free web hosting servers given below:
  • http://www.serversfree.com/
  • http://www.yourfreehosting.net/
  • http://www.esmartstart.com/
  • http://www.110mb.com/
  • http://www.drivehq.com/
  • http://www.t35.com/
  • http://www.my3gb.com/



How can I tell if I'm being spoofed?

  1. You see mailer-daemon error messages (returned emails) in your inbox that do NOT match any messages you sent out (as if someone sent a letter to another person and wrote your return address on the envelope instead of their own).
  2. You get messages from people who received email from you that you did NOT send.



What's the difference between HACKED and SPOOFED?

Your Sent folder may offer the best clue to whether you have been hacked or spoofed.


  • If you DO find email in your Sent folder that you did NOT send: Your account has been compromised (hacked).
  • If you DO NOT find any strange email in your Sent Folder: Your account has most likely been spoofed.



IDENTIFYING THE SOURCE OF THE EMAIL

Although email spoofing is often effective in forging the sender's real email address, the IP address source computer sending the mail can generally be identified from the "Received:" lines in the email header. In many cases this is likely to be an innocent third party infected by malware that is sending the email without the owner's knowledge.



Terms & Warning:
Use this script for educational purposes only and for your self knowledge.
Pro Hack Tricks Blog Team, its Author, Admin cannot be held responsible for any legal action or other action taken against you if you use this script illegally.
Use at your own risk. But remember no one is untraceable.


No comments:

Post a Comment