www.anonhack.in
Open in
urlscan Pro
148.72.88.28
Public Scan
URL:
http://www.anonhack.in/2015/12/smtp-relay-attacks/
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from DE
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from DE
Form analysis 7 forms found in the DOM
GET http://www.anonhack.in/
<form role="search" method="get" class="search-form" action="http://www.anonhack.in/">
<label for="search-form-62e7892038ef1">
<span class="screen-reader-text">Search for:</span>
<input type="search" id="search-form-62e7892038ef1" class="search-field" placeholder="Search" value="" name="s">
</label>
<button type="submit" class="search-submit"><svg class="icon icon-search" aria-hidden="true" role="img">
<use xlink:href="#icon-search"></use>
</svg><span class="screen-reader-text">Search</span></button>
</form>GET http://www.anonhack.in/
<form role="search" method="get" class="search-form" action="http://www.anonhack.in/">
<label for="search-form-62e7892038fb3">
<span class="screen-reader-text">Search for:</span>
<input type="search" id="search-form-62e7892038fb3" class="search-field" placeholder="Search" value="" name="s">
</label>
<button type="submit" class="search-submit"><svg class="icon icon-search" aria-hidden="true" role="img">
<use xlink:href="#icon-search"></use>
</svg><span class="screen-reader-text">Search</span></button>
</form><form id="commentform" class="comment-form">
<iframe title="Comment Form" name="jetpack_remote_comment" style="width:100%; height: 430px; border:0;" id="jetpack_remote_comment" sandbox="allow-same-origin allow-top-navigation allow-scripts allow-forms allow-popups"
data-src="https://jetpack.wordpress.com/jetpack-comment/?blogid=95350099&postid=460&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&jetpack_comments_nonce=3c475b2752&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=68f6557c5ee4f53b41edf60f97e732e50d8479a2#parent=http%3A%2F%2Fwww.anonhack.in%2F2015%2F12%2Fsmtp-relay-attacks%2F"
class="jetpack_remote_comment lazyload" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" scrolling="no">
</iframe>
<!--[if !IE]><!-->
<script>
document.addEventListener('DOMContentLoaded', function() {
var commentForms = document.getElementsByClassName('jetpack_remote_comment');
for (var i = 0; i < commentForms.length; i++) {
commentForms[i].allowTransparency = false;
commentForms[i].scrolling = 'no';
}
});
</script>
<!--<![endif]-->
</form>GET http://www.anonhack.in/
<form role="search" method="get" class="search-form" action="http://www.anonhack.in/">
<label for="search-form-62e78920411c6">
<span class="screen-reader-text">Search for:</span>
<input type="search" id="search-form-62e78920411c6" class="search-field" placeholder="Search" value="" name="s">
</label>
<button type="submit" class="search-submit"><svg class="icon icon-search" aria-hidden="true" role="img">
<use xlink:href="#icon-search"></use>
</svg><span class="screen-reader-text">Search</span></button>
</form>POST #
<form action="#" method="post" accept-charset="utf-8" id="subscribe-blog-blog_subscription-4">
<div id="subscribe-text">
<p>Enter your email address to subscribe to this blog and receive notifications of new posts by email.</p>
</div>
<p id="subscribe-email">
<label id="jetpack-subscribe-label" class="screen-reader-text" for="subscribe-field-blog_subscription-4"> Email Address </label>
<input type="email" name="email" required="required" value="" id="subscribe-field-blog_subscription-4" placeholder="Email Address">
</p>
<p id="subscribe-submit">
<input type="hidden" name="action" value="subscribe">
<input type="hidden" name="source" value="http://www.anonhack.in/2015/12/smtp-relay-attacks/">
<input type="hidden" name="sub-type" value="widget">
<input type="hidden" name="redirect_fragment" value="subscribe-blog-blog_subscription-4">
<button type="submit" class="wp-block-button__link" name="jetpack_subscriptions_widget"> Subscribe </button>
</p>
</form>GET http://www.anonhack.in
<form action="http://www.anonhack.in" method="get"><label class="screen-reader-text" for="cat">Category Search</label><select name="cat" id="cat" class="postform">
<option value="-1">Select Category</option>
<option class="level-0" value="639">admin (7)</option>
<option class="level-0" value="592">All (89)</option>
<option class="level-0" value="192">Android (1)</option>
<option class="level-0" value="230">Basics (45)</option>
<option class="level-0" value="1287">Buffer Overflow (2)</option>
<option class="level-0" value="231">C programs (27)</option>
<option class="level-0" value="233">Challenges (47)</option>
<option class="level-0" value="1364">Cisco (1)</option>
<option class="level-0" value="266">Cryptography (2)</option>
<option class="level-0" value="208">DDos (3)</option>
<option class="level-0" value="614">Entertainment (1)</option>
<option class="level-0" value="581">Hacking with Python (17)</option>
<option class="level-0" value="5">how to be anonymous (5)</option>
<option class="level-0" value="6">how to hide ip address (1)</option>
<option class="level-0" value="40">Information Gathering (8)</option>
<option class="level-0" value="1120">Java (6)</option>
<option class="level-0" value="352">Linux (8)</option>
<option class="level-0" value="1406">log4j (1)</option>
<option class="level-0" value="597">Metasploit (3)</option>
<option class="level-0" value="130">Null Session (1)</option>
<option class="level-0" value="137">Operating System Hacking (3)</option>
<option class="level-0" value="1128">OSCP Study Material (13)</option>
<option class="level-0" value="126">PC Tricks (4)</option>
<option class="level-0" value="1104">Programming challenges (2)</option>
<option class="level-0" value="1277">Query/solutions (2)</option>
<option class="level-0" value="478">Shell Scripting (6)</option>
<option class="level-0" value="179">SMTP (3)</option>
<option class="level-0" value="94">Social Engineering & Phishing (2)</option>
<option class="level-0" value="172">Spoofing (1)</option>
<option class="level-0" value="177">SQL injection (12)</option>
<option class="level-0" value="185">The Covert Way (3)</option>
<option class="level-0" value="1">Uncategorized (13)</option>
<option class="level-0" value="252">WannaCry (1)</option>
<option class="level-0" value="1025">Web Application Attack. (11)</option>
<option class="level-0" value="107">Wireless Hacks (2)</option>
</select>
</form><form id="jp-carousel-comment-form">
<label for="jp-carousel-comment-form-comment-field" class="screen-reader-text">Write a Comment...</label>
<textarea name="comment" class="jp-carousel-comment-form-field jp-carousel-comment-form-textarea" id="jp-carousel-comment-form-comment-field" placeholder="Write a Comment..."></textarea>
<div id="jp-carousel-comment-form-submit-and-info-wrapper">
<div id="jp-carousel-comment-form-commenting-as">
<fieldset>
<label for="jp-carousel-comment-form-email-field">Email (Required)</label>
<input type="text" name="email" class="jp-carousel-comment-form-field jp-carousel-comment-form-text-field" id="jp-carousel-comment-form-email-field">
</fieldset>
<fieldset>
<label for="jp-carousel-comment-form-author-field">Name (Required)</label>
<input type="text" name="author" class="jp-carousel-comment-form-field jp-carousel-comment-form-text-field" id="jp-carousel-comment-form-author-field">
</fieldset>
<fieldset>
<label for="jp-carousel-comment-form-url-field">Website</label>
<input type="text" name="url" class="jp-carousel-comment-form-field jp-carousel-comment-form-text-field" id="jp-carousel-comment-form-url-field">
</fieldset>
</div>
<input type="submit" name="submit" class="jp-carousel-comment-form-button" id="jp-carousel-comment-form-button-submit" value="Post Comment">
</div>
</form>Text Content
Skip to content
Anonhack
"If Nobody sees it, it didn't Happen"
Menu
* Hacking Resources
* Challenges
* C programs
* Shell Scripting
* Hacking with Python
* About Me
* Facebook
* Twitter
* Github
Search for: Search
Search
Search for: Search
* Facebook
* Twitter
* Github
SMTP RELAY ATTACKS
Posted on December 6, 2015June 4, 2018
Scroll
I have had already told you about What is SMTP, How does that work and How can
you extract emails using SMTP. In this article I will be telling you how you can
use SMTP relays to send spams to any person.
SMTP relay is a mail server through which we can send Outbound emails. If you
have a hosting account which hosts your domain, that hosting provide you mail
exchange service with the name of your domain so that you can send the mails
something like “bob@yourdomain.com”. So there must be an SMTP service acting
behind it. So In this article we will learn how to find that out. SMTP Relay
routes email through a trusted 3rd party to deliver the email. It is often used
to create and send automated messages like password reset or newsletter
distribution.Some SMTP service providers limits the usage of their service
because of spammers, Like Godaddy is limited to 250 emails per day. But
Big Business enterprises can exceed this limit by buying premium level features
and thus can send bulk emails without being tagged as Spams.
But the questions are why and How some Emails comes under the spotlight of being
Spam?
The Answer is
* Content filters – Keywords are checked, if the message body contains some
specific words.
* Header filters –Headers are checked if there is non-legit information.
* General blacklist filters – spam Filters already have a list of well known
Spamming Mail address which is checked against the address of the received
email.
* Rules-based filters – Mostly it is user defined.
There are many ways through which these emails are filtered.The first thing is
the keyword, Something like “Free, Free Money, Viagra, Cheap price etc “.These
keywords are checked in an Email. It is also checked if the message came from a
legit mail provider or not like “Gmail, Outlook, live etc”. Read this
“https://www.spamhaus.org/” <–These people help!
Phishing emails can’t make their way to inbox or marked as Warning emails
because of DKIM and SPF(Sender Policy ). These are the authentication policies
which helps domain to authenticate themselves and hence it marks a Legit sign on
them. Read About Link1, Link2 .
Check For SMTP relays:
* Before finding the SMTP relays we need to find the mx domain for the
particular domain name. I had already explained that in the post I wrote
here SMTP- Extracting Emails.[I am giving an example for gmail.com,you can
test this on any domain.]
* After knowing the mx record for the particular domain, we are going to open
command prompt,
* Type telnet server.domain.com 25 (SMTP works on port 25)
* Once you are connected, the screen will look like this and you can further
use commands like HELO (Your domain name) and EHLO to see the supported
options on that particular mail server:
* Start Sending the Email to test the server:
* MAIL FROM:<your email address>
* RCPT TO:<your recipient address>
* Now one of the most important thing, In case the SMTP relay is not
allowed on the server,”Relay not allowed error” will be displayed after
typing the RCPT TO:<>.
* After writing RCPT TO, if error is not displayed write, DATA to go on
with writing the message. To stop the command line from taking further
data input use “.”(period) at the end twice, one for completing the
sentence and other to tell the server that you are done writing the DATA.
* The message will be send, If not, you will get the error at the bottom.
We can also do the automated SMTP relays Check using NetScanTools PRo:
Not All SMTP relays can let you send messages, only open Relays can let you do
that. You can do it on closed relays too but that in that case you have to had
the auth credentials or you can brute force it.
Stay Anonymous!
Ciao!
SHARE THIS:
* Click to share on Twitter (Opens in new window)
* Click to share on Facebook (Opens in new window)
* Click to share on LinkedIn (Opens in new window)
* Click to share on Reddit (Opens in new window)
* Click to share on WhatsApp (Opens in new window)
* Click to email a link to a friend (Opens in new window)
*
LIKE THIS:
Like Loading...
RELATED
WHAT IS SMTP?
Emails have always been an important part of our lives. We send emails through
agents such as Gmail, Yahoo, etc. and we also get emails regarding different
subjects from numerous other email clients. These email clients works on SMTP at
port 25. What is SMTP? SMTP(Simple Mail Transfer Protocol )…
October 5, 2015
SMTP – EXTRACTING EMAILS
In my article about What is SMTP?, We took a look on what exactly SMTP works
for! In SMTP - Extracting Emails, I will be providing a tutorial on Extracting
Emails from the SMTP server. There are several programs and scripts that are
available for Gathering emails from a website.…
October 7, 2015
GOLDENEYE 1 WALKTHROUGH: VULNHUB VULNERABLE MACHINE
This article is a walkthrough for GoldenEye vulnerable machine. In the
description of this machine, it says that it is similar to OSCP machine. So, I
have written a walkthrough on it. To download Goldeneye 1, follow the
link: https://www.vulnhub.com/entry/goldeneye-1,240/ Requirements: Kali Linux or
your favorite OS Virtualbox Goldeneye VM Patience…
July 26, 2018
CategoriesAll SMTP Tags,how to send spam relay attacks sending spams simple mail
transfer protocol smtp smtp attacks smtp open relays smtp relay attack
POST NAVIGATION
Previous PostPrev Post Stagefright – The Nightmare
Next PostNext Post What is DDos Attack?
1 THOUGHT ON “SMTP RELAY ATTACKS”
1. شركة تنظيف says: 7 years ago
Very good blog post. I absolutely appreciate this website.
Keep it up!
Reply
LEAVE A REPLY CANCEL REPLY
This site uses Akismet to reduce spam. Learn how your comment data is processed.
QUOTE
It's Not About How Good You Are Now, It's About How Bad You Want It.
Search for: Search
SUBSCRIBE TO BLOG VIA EMAIL
Enter your email address to subscribe to this blog and receive notifications of
new posts by email.
Email Address
Subscribe
CATEGORY SEARCH
Category Search Select Category admin (7) All (89) Android (1) Basics (45)
Buffer Overflow (2) C programs (27) Challenges (47) Cisco (1)
Cryptography (2) DDos (3) Entertainment (1) Hacking with Python (17) how to
be anonymous (5) how to hide ip address (1) Information Gathering (8)
Java (6) Linux (8) log4j (1) Metasploit (3) Null Session (1) Operating
System Hacking (3) OSCP Study Material (13) PC Tricks (4) Programming
challenges (2) Query/solutions (2) Shell Scripting (6) SMTP (3) Social
Engineering & Phishing (2) Spoofing (1) SQL injection (12) The Covert
Way (3) Uncategorized (13) WannaCry (1) Web Application Attack. (11)
Wireless Hacks (2)
TOP POSTS & PAGES
* Program to Find Fibonacci Series using Shell Script
* Program to Convert Floating Decimal to Binary Using C Language
* Program to display series and find sum of 1+3+5+...+n in C language
* Hacker101 CTF walkthrough Micro-CMS v1 and v2
* Ways to search files in Kali - which, locate and find
SHARE ON REDDIT
Copyright © 2022 Anonhack | Blakely Light by Catch Themes
Scroll Up
Loading Comments...
Write a Comment...
Email (Required) Name (Required) Website
%d bloggers like this: