How hackers spoof your email address
Вставка
- Опубліковано 26 вер 2024
- Email spoofing is possible by forging email syntax in several methods of varying complexity.
In this video we will identify email spoofing vulnerability and we will demonstrate the spoofing is done and precautionary measure to put in place to avoid spoofing of your domain.
Email spoofing Analysis and Detection
• Play it Safe: Recogniz...
Connect with me across various interactive platforms for a dynamic and connected experience.
🔗Discord:
/ discord
🔗 Social Media:
X (twitter) : @r007User
Facebook : / ctfsec
📺 Twitch
/ ctfsec
🌐 Website:
r007us3r.githu...
🎥 UA-cam Channels:
/ @ctf-sec
📧 Business Inquiries:
ctfsec001@gmail.com
👇 Other Links:
t.me/+VpUp7Bxq...
Support me
[+] Buymeacoffee
paystack.com/p...
Telegram
t.me/+VpUp7Bxq...
#hacking #captureflag #capturetheflag #google #informationexposure #informationdisclosure #ctfsec #ctfsecurity #ethicalhacking #hacking #cybersecurity #hacker #hackers #kalilinux #linux #ethicalhacker #programming #infosec #security #pentesting #hackingtools #technology #hack #informationsecurity #cybercrime #coding #cybersecurityawareness #malware #python #cyberattack #cyber #hacked #computerscience #hackerman #programmer #tech #or #anonymous #hackerspace #cybersecuritytraining #hackingnews #secutiy #bugbounty #datasecurity #learnhacking #hackinginstagram #ransomware #termux #termuxhacking #privacy #informationtechnology #ethicalhackers #dataprotection #hackerindonesia #computer #hackernews #phishing #java #coder #developer #blackhathacker #growthhacking #metasploit #exploit #hacks #it #wifihacking
Please, how do it download and install the SendEmail terminal for me to move further ? thank you
It called Kali Linux and here is how it can be installed
ua-cam.com/video/BzH9B97Qupg/v-deo.htmlsi=w0sgRnmWzVWT-5Vc
The video make it easier than I thought. Is sendemail available on windows operating system?
Here is a github repo to get sendemail github.com/mogaal/sendemail
Remember sendemail is written in perl. You can also grab exe version of send email with just a simple google search.
Be'cos you snd to the email you use nd registered sendinblue that's why it went to inbox
@@hawaiihawaii1112 It has been tested on other email same result. One good thing about sendinblue it is hardly detected as spam.
Quick question ,what's the method you used to obtain the email html with the jumia headers and singnatures, im having trouble finding online how to clone original emails.
Btw your demonstration for this video was good , thank you so much !
In Gmail, you can view the HTML code of an email by opening the email, clicking the three dots in the upper-right corner of the email window, and selecting "Show original" from the menu. This will open a new tab or window with the raw content of the email, including the HTML code.
@@ctf-sec i got it now , bless your heart for still replying to people after 8 months ,have a good day !
@@ctf-sec when i came to test it out on code pen ,it showed me bugged emails .the initial time i saw cloning emails was done by uploading the headers and typing out the contents of the email inside gmail . thats what i was searching for all along , a simple ("educational purposes" ) but i thought it would be a popular topic on the internet but i was wrong .
Bro abeg i no understand it much. I wan learn from you bro
Kindly subscribe to be notified when other videos are uploaded.
It says, email sent successfully but the email never arrives into the inbox
What email server did you use?
@@ctf-sec I used Brevo's SMTP Relay server
Not working know if manipulating from address
I used to be able to do this technique, now I can't.
@@unoproject20same here, did u find any alternative smtp server that works?
hey, how do I change the output to look like my prefered sender and to also make it look exactly the same?
Not sure I understand the first part but for the second you need basic HTML/CSS for that.
little scammer. get a job. but i guess not as frontend-dev xD
it says email sent successfully but i didn't receive any email and i am using smtp brevo server
Try using a different email server.
You never dropped spoof check link though?
Thank you it will be added to the video description mean while here is the github link github.com/a6avind/spoofcheck
Is sendinblue free to login or we have to buy premium or something?
It has premium versions but at the time of recording it is free for using Email Server.
@@ctf-sec is it free now ? For SMTP server
I am getting error of Hostname verification failed. I would appreciate it if you can help out a fellow brother
Where exactly are you getting the error you can drop the full screenshot of the error on the Telegram Channel in the description box
I also have the same error message. How do I fix it?
@@momohcharles7811 Sendinblue is currently experiencing TLS issues after transitioning to brevo will drop an update if I have a possible fix to the problem.
What is the technique called?
Email spoofing
hey, does this still work with sendinblue?
Sendinblue is now called brevo and regarding if it still works I haven't tried it lately you can try it and give a feedback.
Is it free ?
@@ctf-sec no its not working see the error from sendinblue.Sending has been rejected because the sender you used is not valid. Validate your sender or authenticate your domainValidate your sender or authenticate your domain
@@gaminggeek4637yeah, did u find any alternative?
When the target replies your spoofed email how do you receive reply in your personal inbox?
The attacker manipulates headers to direct replies to their own email address, allowing them to receive responses in their personal inbox directly.
@@ctf-sec can you please explain how to do that? My idea is that: you place Reply-To tag with a receiving email on the header. Then any reply of receipt can be received on attacker's email (which is there under Reply-To tag). Is that correct?
@@Ashish_painuly You are absolutely correct, Attackers manipulate spoof emails by forging the "From" address and setting a custom "Reply-To" header to receive replies.
how could you bypass SPF and DKIM. both authentication method is using to prevent email spoof. you sent the email from different server. the receiver mail server supposed to check the right sender server address.
Yes the receiving mail server checks if the mail came from the domain it claims and then assign pass or failed status to it and might choose to quarantine based on the policies in the server.
repo link
github.com/BishopFox/spoofcheck
Ia am getting error hostname verification failed tls failed can you solve this problem
There is currently a bug in the sendemail tool which hasn't been fixed yet, here is more information www.reddit.com/r/Kalilinux/comments/15h4bz6/sendemail_tool_doesnt_work/
Why is it whenever i hear without further ado, there is always further ado. If you want to stretch your video out so you can make more money, then be honest and say thats what you are doing. Either way i am going to give you a dislike and turn off the video.
Thank you for your constructive feedback
CAN IT WORK WITH TERMUX
Sendmail will work, what you would need is a good email server and a vulnerable domain as explained in the video
👌 'promosm'