Jump to content

Spoofing HTML/RTF mail


ReonBrack
 Share

Recommended Posts

Hi guys

I have made a mailer script in python that sends phishing emails with personalized links, to track who has taken the bait and who didn't. These people can then be further educated about phishing.

The only thing that's missing to start doing these tests is the email spoofing. I see alot of guides and tutorials with telnet, but that does not support HTML/RTF formatting.

There are some mailer websites that can send spoofed HTML like http://emkei.cz/.

So my question is; how do they do it and is it possible in Python?

EDIT: I have a Direct-To-MX mail feature, but the mail just ends up in the spamfolder.

Edited by ReonBrack
Link to comment
Share on other sites

Who do you say it doesn't support HTML formatting?

What I typically see is that emails are MIME multipart with the one having a content type of text/plain and the other being text/html where the latter can be your complete HTML of whatever you want to present.

Note that mailers can be configured to either partially or completely ignore the HTML part of your email.

Link to comment
Share on other sites

I think you're not understanding what I'm saying.

Email in and of itself is plain text. Always.

To get the client to display something other than regular text, you need to encapsulate your content using MIME, where the various parts of the MIME message can be interpreted and displayed by the client. You can make things more user-friendly by continuing to provide the low-end plain text message with your email, but there's no requirement for you to do so. If you want to include an RTF, DOC or whatever, you're allowed to do so because MIME doesn't care. Chances are you'll only see it as an email attachment but that's a completely different problem for you to solve (hint: You can reference the mime parts from HTML)

Link to comment
Share on other sites

With the SMTPlib in python you use the attach function to add a MIMEText to a message. That's why I said attach, which is totally different than an email attachement. (Excuse me for the confusion)

There is nothing wrong with my mails, other than I'd like to spoof the sender address (with python).

Edited by ReonBrack
Link to comment
Share on other sites

Everything works other than the spoofing, so I can't do much with a basic tutorial on SMTPlib.
I've tried forging the headers and such, but to no avail.
Maybe smtp.send() does some checks? I don't know.
I have seen some PHP tutorials, and all they do is forge the header.

Link to comment
Share on other sites

All you should need to do is change the "from" in both the text and the invocation. That's why I stopped at that (indeed very basic) tutorial.

You don't need to provide credentials to send mail to that server, or do you?

Link to comment
Share on other sites

This works if I use Direct-To-MX, but the mail gets flagged as spam.

EDIT: This might be because the default for smtp.ehlo() is localhost.
So if I do something like smtp.ehlo("taget_domain") I might get passed some spamfilters.

Edited by ReonBrack
Link to comment
Share on other sites

Since you're targetting your local mailserver with your emails (as you bloody well should) you should use either your current network IP or preferably, assuming you get one, the hostname of your system with in the network.

Link to comment
Share on other sites

This tool will not be used for spamming purposes, but for phishing education.
I'll check Spam Assassin out.
EDIT: SPF aims to prevent email forgery, but If the domain name in the sender address is bogus or controlled the sender, the SPF test will not be of any use. So if I use something like @secure.mycompany which does not have an SPF record, the check is skipped

Edited by ReonBrack
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...