SPF Vulnerability
What Is SPF/TXT Records?
An SPF record is a type of Domain Name Service (DNS) record that
identifies which mail servers are permitted to send email on behalf of
your domain. The purpose of an SPF record is to prevent spammers from
sending messages with forged From addresses at your domain.
like : Suppose woodland company have email address as :
customersupport@woodland.com , So if I am able to send a mail using
that address that means SPF records are not properly set .
Checking Missing SPF:
There Are Various Ways of Checking Missing SPF Records on a website But the Most Common and Popular way is kitterman.com
Steps to Check SPF Records on a website:-
Go to http://www.kitterman.com/spf/validate.html or mslookup
Go to http://www.kitterman.com/spf/validate.html or mslookup
Enter Target Website Ex: target.com (Do Not Add https/http or www)
Hit Check SPF (IF ANY)
Hit Check SPF (IF ANY)
If You see any SPF Record than Domain is Not Vulnerable But if you see Nothing Here then "HURRAY! You Found a Bug"
POC:
Once There is No SPF Records. An Attacker Can Spoof Email Via any Fake
Mailer Like Emkei.cz. An Attacker Can Send Email From name "Support" and
Email: "support@davindertutorials.com"
.With Social Engineering Attack He Can TakeOver User Account Let Victim
Knows the Phishing Attack but When He See The Email from the Authorized
Domain. He Got tricked Easily.
How to reproduce this
0 comments:
Post a Comment