From: natron at invisibledenizen.org (natron)
Date: Mon, 11 May 2009 09:56:37 -0500

On Sat, May 9, 2009 at 11:10 AM, Adrian Crenshaw <irongeek at irongeek.com> wrote:
> 220 mx.gmail.com ESMTP 70si2094099rnb
> 250 mx.gmail.com at your service
> MAIL FROM:<irongeek at iirongeek.com>
> RCPT TO:<irongeek at ggmail.com>
> 354 Please start mail input.

Anyone know of any tools to help you build html emails for this purpose? I'm
currently doing it in a cheating way, but it works well. I'll craft an
email in Outlook to make it look exactly how I want, then forward it to my
gmail account. Gmail has a "show original" tab that allows you to see the
full source of the email. Copy and paste into a text editor, modify fields
to your wishes, then paste it into the DATA section as shown in irongeek's
email. This allows you to easily imbed images (it handles all the MIME
base64 + references stuff automatically for you).

On a related note, I've noticed that if you set the MIME fields in the
email, all of the configurations of Outlook I've run into will display what
is in the DATA section of the email rather than who it is actually sent
from/to (in the MAIL FROM: and RCPT TO: sections).

Oftentimes email servers will allow you to spoof the MAIL FROM: address to
appear to come from someone internal (MAIL FROM: it-department at company.com),
but even if they don't, you can set the From field inside the DATA section
to "it-department at company.com" and that's what Outlook will display. You
have to view the headers to realize that's not who it came from, which of
course no one ever does.

These kinds of tricks are incredibly useful for social engineering.
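
A defender's view of the envelope/header split described in the post, as an added example that is not part of the original message: a mail-filter style check that compares the SMTP MAIL FROM value with the From: header carried in DATA. The company.example domain, the function names and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains this organisation sends mail from (placeholder value).
INTERNAL_DOMAINS = {"company.example"}


def domain_of(address):
    """Lower-cased domain part of an address, or '' if there is none."""
    local, at, domain = address.rpartition("@")
    return domain.lower() if at else ""


def check_sender(envelope_from, raw_message, internal=INTERNAL_DOMAINS):
    """Compare the SMTP envelope sender with the From: header in DATA.

    Returns a list of finding strings; an empty list means nothing to flag.
    """
    msg = message_from_string(raw_message)
    from_headers = msg.get_all("From", [])
    if len(from_headers) != 1:
        # RFC 5322 requires exactly one From: header.
        return ["from-header-count=%d" % len(from_headers)]

    header_dom = domain_of(parseaddr(str(from_headers[0]))[1])
    envelope_dom = domain_of(parseaddr(envelope_from)[1])
    findings = []
    if envelope_dom and header_dom != envelope_dom:
        # Weak signal on its own: mailing lists and bulk senders do this too.
        findings.append("envelope-header-mismatch")
    if header_dom in internal and envelope_dom not in internal:
        # Strong signal: displayed sender is internal, envelope sender is not.
        findings.append("internal-from-external-envelope")
    return findings


# Constructed samples: (MAIL FROM value, message as sent in DATA).
SPOOFED = ("<sender@outside.example>",
           "From: IT Department <it-department@company.example>\n"
           "To: user@company.example\nSubject: test\n\nbody\n")
INTERNAL = ("<alice@company.example>",
            "From: Alice <alice@company.example>\n"
            "To: user@company.example\nSubject: test\n\nbody\n")
MAILING_LIST = ("<bounces@lists.example>",
                "From: Bob <bob@partner.example>\n"
                "To: list@lists.example\nSubject: test\n\nbody\n")

if __name__ == "__main__":
    for name, (env, raw) in [("spoofed", SPOOFED), ("internal", INTERNAL),
                             ("mailing list", MAILING_LIST)]:
        print(name, check_sender(env, raw))
```

A gateway that sees both the envelope and the message can apply the second check at the perimeter, before the mail client hides the envelope from the reader.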