--ooOoo--
Hiding Email
Fake Email Stuff
There are lots of programs on the net that say they can send fake e-mail.
I'm not trying to say those don't work, it's just that they don't work 100%
(actually, neither does our method, but our way is 100% better than using a
program :-).
I'm going to briefly describe how to send an improved fake e-mail and
discuss the problems with most fake e-mail programs. I would like to
explain how e-mail works, but that would take too long. The problem with
fake e-mail programs is that their first issued command is 'helo' which
logs you into the server.
You may say, "but I've used one and it works fine". It may appear to be
from your faked server, but if they look at the header information,
it will show some error such as "apparently from".
This is a dead giveaway that the mail is fake. Anyway, if you leave out
the 'helo' command, you improve your chances for success.
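Added example (not part of the original text): a Python check that a recipient or mail admin can run over a received message to look for the header giveaways described above. The sample message, its hostnames and the Received layout are constructed assumptions, and "Apparently-To" is checked alongside the "apparently from" header the text mentions.

```python
import re
from email import message_from_string

# Constructed sample: mail injected by hand through an open relay.
# Hosts, addresses and IPs are reserved example values, not real data.
SAMPLE = """\
Received: from pc (dialup-17.isp.example.net [192.0.2.17])
\tby mx.recipient.example with SMTP id AAA01234
\tfor <user@recipient.example>; Mon, 1 Jan 2001 12:00:00 +0000
Apparently-From: someone@isp.example.net
Subject: Greetings
To: User (user@recipient.example)
From: Boss (boss@corp.example)

Hello.
"""

# Common "from HELO-NAME (RDNS [IP])" layout; other MTAs format this differently.
RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")
ADDR_DOMAIN_RE = re.compile(r"@([A-Za-z0-9.-]+)")  # also finds "Name (user@host)"

def forgery_indicators(raw):
    """Return a list of human-readable reasons to distrust the From: header."""
    msg = message_from_string(raw)
    findings = []
    # 1. Headers the receiving MTA adds when it doubts the sender or recipient.
    for name in ("Apparently-From", "Apparently-To"):
        if msg.get(name):
            findings.append(f"{name} header present: {msg[name].strip()}")
    # 2. The top Received line is written by our own server, so the connecting
    #    host in it cannot be typed in by the sender. Compare it with From:.
    m_from = ADDR_DOMAIN_RE.search(msg.get("From", ""))
    received = msg.get_all("Received") or []
    m_hop = RECEIVED_RE.search(" ".join(received[0].split())) if received else None
    if m_from and m_hop:
        domain = m_from.group(1).lower().rstrip(".")
        rdns, ip = (m_hop.group(2) or "").lower(), m_hop.group(3)
        if rdns != domain and not rdns.endswith("." + domain):
            findings.append(
                f"From domain {domain} does not match connecting host "
                f"{rdns or 'unknown'} [{ip}]")
    return findings

if __name__ == "__main__":
    for reason in forgery_indicators(SAMPLE):
        print("SUSPECT:", reason)
```

The domain comparison is a heuristic: legitimate mail sent through a third-party provider also trips it, so treat a hit as a reason to read the full header chain, not as proof.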
Here is the process of faking mail through Telnet:
Step #1: Find an SMTP (Simple Mail Transfer Protocol) server.
To find an SMTP server, use telnet to log into as many different
servers as you can think of -
Use a port scanner and search for "open N free" port 25
(the SMTP port).
Most servers use ESMTP which is not good for faking mail.
Once you've found a server that has SMTP in the greeting
(when you connect), then you're on your way.
One thing to keep in mind is that the backspace key DOES NOT
WORK in windows telnet!
If anytime during the telnet session you use backspace, you must
disconnect and start over, or else the person getting the mail will
get weird characters throughout the fake e-mail.
(and that really sucks)
Type telnet free.smtp.server 25
where free.smtp.server is the "open N free" server
Step #2: Start the e-mail. The first issued command should be
mail from: bclinton@whitehouse.gov
If the server says something like
"you must use 'helo'" then,
move onto another server, otherwise you should get
"+OK sender ok" or something like that.
Step #3: Second command should be:
rcpt to: victim@aol.net
This is your victim's e-mail address.
Once again, you should get back "+OK" something.
Step #4: Making it believable, type:
data
It should respond with +OK and then
something about '.' being the last command.
Step #5: To actually send the message, type:
Subject: Greetings, Bill Clinton wishes to have a word with you.
To: Charles Manson (victim@aol.net)
From: Bill Clinton (bclinton@whitehouse.gov)
Charles Manson is where you would put the victim's real name,
if you don't know it, just
put their e-mail address there,
doesn't really matter WHAT goes there.
There is only one return after each of these commands, but after the
From: command, you MUST press return twice.
If you don't, then the text won't send. Don't forget, backspace may look
like it's working, but in reality, the e-mail will turn out shitty.
Now you can type the actual message:
Hi Charles, this is Bill Clinton and I just wanted to say thank
you for breaking into whitehouse.gov, my personal body guards are
on their way to your home as you're reading this. Please have a
nice day.
Or whatever message you want to go there. Then:
.
The period followed by a return means you are through with the data,
and ready to send. After the period, it should do its cool "+OK" thing
again.
After the +OK, then you type:
quit
On a line by itself (betcha can't figure out what THAT does!)
If you don't know what quit does,
then it just sends the message and disconnects you.
Without quit, your mail won't send.
Try sending the 'example' mail to yourself, so you can see if it works.
Also, if you connect to a server that FORCES you to say 'helo',
try 'helo localhost', or try 'helo xxxxxxx' (where xxxxxx is greater than 1024 x's).
The above tips are extracted from THP
and from the Linux Network book.
Hint: use wingate 1st!
telnet foo_wingate.server.com 23
wingate>free_smtp_server.com 25
wingate>all the steps #2 -> #5 above with the correct guessed passwd
Pop Email Stuff
If you are at someone else's computer and want to check your mail,
but you don't want to make a new mail-box in their e-mail program,
there is a quick way to get it through telnet. This is also useful
if you have been mail-bombed, for you can delete the messages before
downloading them.
Step #1: Connect to your Pop3 mail server through port 110
(in the RUN box,
type "telnet mail.yourmailserver.com 110")
Step #2: Type 'user foo_emailname'
where foo_emailname
is your e-mail username (eg foo_emailname@yourmailserver.com).
It should come back with
"+OK password required for user foo_emailname" or
some shit like that.
Step #3: Type 'pass password'
where password is your e-mail password.
It should tell you how many messages are waiting in your mailbox,
or congrats, or something like that.
Step #4: Type 'list'
to get a list of all the messages,
they each will have a number beside them.
Step #5: Type 'retr #'
where # is the number next to the message you want to read.
This will allow you to read it, but it stays on the server.
Step #6: Type 'dele #' (optional)
This will remove any messages you don't want,
where # is the number of the message you want to delete.
Step #7: Type 'quit'
Disconnecting.
IMPORTANT:::: you must type 'quit' before closing telnet or
you may hang your mailbox.
It is horrible to have that happen.
X-tra info:
After the 'retr' command,
the mail gets marked with a -R or something.
Whenever you go to get your email at your house,
you will notice that it has already been read. To keep it
from looking like it's already been read,
type 'rset'
before you quit to reset it back to the original way it was.
This is useful for checking other people's email :)
(which I am not condoning :-)
The above tips are extracted from THP
and from the Linux Network book.
Hint: use wingate 1st!
telnet foo_wingate.server.com 23
wingate>mail_victim.server.com 110
wingate>all the steps #2 -> #7 above with the correct guessed passwd