home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Freaks Macintosh Archive
/
Freaks Macintosh Archive.bin
/
Freaks Macintosh Archives
/
Internet
/
email
/
Fakemail.txt.sit
/
Fakemail.txt (By HooL)
next >
Wrap
Text File
|
1998-04-05
|
5KB
|
125 lines
-HOW TO FAKEMAIL- By I Am Evil Homer (a.k.a HooL)-
________________________________________________
NOTE:
Fakemail is also know as spam-mail or email spoofing. For the sake of my sanity,
I'll just call it fakemail.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
OK. I've finaly gotten around to writing a file. Woo hoo. This is just
something I picked up a while back and feel it my honourable duty to inform those
who don't know. Anyone advanced (or even an intermediate) in the hacking community
will probably know this technique so I guess this is for all those badass-wannabe-lamerz
out there!
This is great for social engineering (ie. tricking dickheads into revealing their
passwords, etc to you)
First of all get yourself a telnet program. For Mac i reccomend NiftyTelnet.
For PC I couldn't give a shit what you use.
NOTE: Test this beforehand to see if your mesage produces a message id. If it does, t
hey can track you down and tear your balls off...just thought i'd mention it.
Step 1) Choose where you want the mail to be from. If their domain uses email,
chances are(but not always) you will be able to pull it off.
Step 2) Load the telnet app. Type in the address in the following format:
www.victim.com:25
This logs onto that server on the mail(smpt) port(25)
Immediatly you should be presented with something along this line:
220 victim.com Sendmail 8.8.5/8.8.5 ready at Mon, 30 Jan 97 12:00
Step 3) Decide what account on that server (ie login name for email address)
that you want it to originate from. It can be real or just one you have made up.
type in
mail from: dickhead
this will make the originating email dickhead@victim.com
Don't be a moron and type in dickhead. Use your imagination!
Step 4)
type
rcpt to:satan@hell.org
this will be the account you want the email to be to
Some require you to put "mail" on a seperate line beforehand.
Step 5)
type
data
Step 6)
After this, you just type in the text that goes in the body of the message.
When you've finished hit return and put a single full stop on the next line and hit
return again. Simple. You now want to send it. Type in quit and the message will
(if all goes well) be sent. I havent bothered to put in a subject line (Get off your
lazy ass and work that one out for yourselves!)
-=-=-=-=-=-=-=-=-=-=-=-=-=-
Social Engineering:
So you have some lame wanker that you require a password from. Easy enough.
Do all this from their admins (somthing like sysadmin@victim.com) account and make up
some bullshit story.
For example:tell them about how you are having problems with people hacking
accounts and you need an email to confirm all their detail and cross reference
them with your database. Make up an email address at www.netadress.com (usa.net)
(DO *NOT* give them ANY personal details). Name the account sysadmin or something
like that. You MUST say to send it to that account or it will seriously
fuck things up. Give them an excuse that your mail server has fucked up
and you need to use the secondary account.
Feed them all that bullshit and they MIGHT even send you their password. Who knows.
There are heaps of fuckwits out there ripe for the picking.
FINAL NOTE:
Plain and simple, this method IS able to be tracked if a message id is generated.
To see if a message id is generated, try this by sending on to your self. Look in
the message headers for a "message-id:iu6sdfuu6df@blahblah.com" for this. Make sure
you have "long headers" on to look for it (in Emailer 2 anyway).
Use someone elses account (hack it?). DO NOT use you own! The mail server will
log your IP address and therefore have you by the balls (and we all hate that).
-=-=-=-=-=-=-=-=-=-=-=-=-=-
Windows NT Remote Procedure Call.
I just remembered something some people may want to know. It involves Windoze NT.
Don't go fuck with a NT server for the hell of it, that would confirm your dicklessness.
This will result in 100% cpu usage.
Step 1) Telnet to port 135 OR 1031 (also 53 [if DNS is running])
on your targets server. (www.victim.com:135)
Step 2) Type in about 10 characters.
Step 3) Hit return.
Quit your telnet app and the deed is done.
The only way to stop this is a restart of the server.
It is my understanding that this works on versions 3.51 and 4.0.
-=-=-=-=-=-=-=-=-=-=-=-=-=-
If you want to contact me, I have been known to set up a hotline server (The no shit server).
So if you see it, pay me a visit. Failing that, just email <hool@usa.net>
-=-=-=-=-=-=-=-=-=-=-=-=-=-
Greets go to:
Somatic
Morbus
Modz
Luzza
LittleSister
-=Cap'n Krapp=-
Mac Friend
Any one else I have met in my travels
-=-=-=-=-=-=-=-=-=-=-=-=-=-
This text can be freely distributed in electronic form, so long it
remains unaltered etc. Keep Hacking!