|
Penetration Testing
mailing list archives
Re: [PEN-TEST] Sendmail: Keeping a copy of relayed email
From: DmuZ <DmuZ () ANGRYPACKET COM>
Date: Tue, 29 Aug 2000 10:02:59 -0700
You could use mailsnarf from the wonderful dsniff package at:
http://www.monkey.org/~dugsong/dsniff/
and avoid having to tangle with sendmail.cf at all.
DmuZ
DmuZ () angrypacket com
http://angrypacket.com
~beware the wrath of the angrypacket~
----- Original Message -----
From: David Taylor <taylord () INFOSECURE COM AU>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Monday, August 28, 2000 11:34 PM
Subject: [PEN-TEST] Sendmail: Keeping a copy of relayed email
| Hi Pen-testers,
|
| I am currently looking into the possibility of eavesdropping a client's
| inbound email as part of a penetration test. I have about 75% of the
| problem worked out, but I would really like some help with the last 25%.
|
| I have figured a way that I can take over DNS authority for their domain
| name, and then set up my own DNS server to serve their records. Once this
| is in place I will set up one of my machines as their primary MX. On this
| machine I will use sendmail's mailertable feature to get their incoming
| email to their email server.
|
| My problem is - I want to keep a copy of the incoming email that I relay
| off my machine.
|
| An associate has suggested that I would need to hand-hack the sendmail.cf
| file to add another (local) recipient into the mail delivery before it is
| sent off to mailertable for delivery. My sendmail skills aren't quite up
| to this level, and I wondered if anybody has ideas on how I can turn this
| into a reality? Anybody done something like this before? Anybody seen a
| how-to on this? Anybody provide some pointers to a quick head's-up on
| sendmail.cf delivery rule hacking?
|
| Thanks
| Dave Taylor
|
 By Date 
By Thread
Current thread:
|
Intro
