Skip to main content

SMTP_Relay_Phisher

 

Overview

SMTP Relay Phisher is a tool for testing and exploiting the SMTP Open Relay vulnerability by simulating real-world phishing attacks. This tool used for two purposes:

  1. To run the phishing campaign by command line
  2. To exploit the SMTP Open Relay vulnerability by sending phishing email

This tool used custom SMTP-cli. I have done some basic modifications in his script. Thanks to smtp-cli for developing such a useful tool.

Feature Overview

  • Fully open-source means there are no limits on the use
  • Lightweight as compared to other phishing toolkits
  • Run multiple phishing campaigns simultaneously
  • Send an email with embedded First Name, Last Name, and Email
  • Highly flexible to run phishing campaign by exploiting SMTP open relay issue
  • User enumeration by “RCPT TO”
  • Time delay is available to bypass the open relay restriction

Reason to Develop SMTP Relay Phisher

Recently, I was working on a Red Team activity, where I found SMTP open relay vulnerability. I used “SMTP-cli” tool to run the phishing campaign for the exploitation of the open relay issues but the challenges were that I was not able to alter the First Name, Last Name, and Email like we do by Kingphisher and other phishing toolkits. One more challenge was that the Open relay issue was allowed to verify the user by ‘RCPT TO’.So, I gather the information from Linkedin and create Email ids in FirstName.LastName pattern but didn’t know any working tool that automates email verification by RCPT TO. So by using the idea of Kingphisher and by using smtp-cli, I develop this tool. Thanks, Kingphisher and SMTP-cli for developing such an awesome tool.

Why Use SMTP Relay Phisher

  • This tool doesn’t work on the client-server model like other phishing toolkits.
  • This tool runs directly from the attacker's machine.
  • This tool is lightweight and easy to use.
  • This tool helps in a red team activity to run a phishing campaign by exploiting SMTP open relay.
  • This tool helps to validate the user by RCPT TO.

Note

SMTP Relay Phisher is only to be used for legal applications when the explicit permission of the targeted organization has been obtained.

Labels:

Comments

Post a Comment

Popular posts from this blog

Free Cybersecurity Certifications

Introduction to Cybersecurity Cybersecurity Essentials Networking Essentials Android Bug Bounty Hunting: Hunt Like a Rat Ethical Hacking Essentials (EHE) Digital Forensics Essentials (DFE) Network Defense Essentials (NDE) Introduction to Dark Web, Anonymity, and Cryptocurrency AWS Skill Builder Introduction to Cybersecurity Building a Cybersecurity Toolkit Cyber Aces Free Cyber Security Training Course Introduction to Information Security Penetration Testing - Discovering Vulnerabilities
Post a Comment
Read more

Web Application Security Testing (WAPT) Interview Questions

Let's Contribute All Together For Creating a Questions Dump What are the vulnerabilities you have to test in the Login form, Payment gateway? What is clickjacking? What is the mitigation of clickjacking? What is CSRF? How to mitigate CSRF? Let's take an example, If a developer implements a CSRF token in a cookie, will it mitigate the CSRF issue? Is it possible to mitigate the CSRF by header? If yes why, if No why? If the data is in JSON format, how you will check the CSRF issue and what are the ways of exploitation? Where to implement the CSRF token and why? If the client doesn't want to change the UI or doesn't want to implement the CSRF tokens, and headers then what mitigation you recommended to the client for CSRF? What is the problem with the per-request token? Is login CSRF possible? Explain login CSRF? Have you ever exploited it? What is the mitigation for login CSRF? Suppose, in an application csrf token is implemented in each request and every request, except th
Post a Comment
Read more

Is your webcam exposed on the internet and everyone enjoying your personal moments? | How to check webcam or security camera is exposed on the internet or not?

Nowadays we start using many technology devices in our homes. Many people are installing CCTV or security cameras in their houses, private rooms, offices, private places, etc for security purposes and monitoring, but many of them don't know how to configure that device securely. So let's talk about CCTV and security cameras only.  What do most CCTV/Security camera users believe? Most users believe that using a strong username and password on a camera administrative page protects them. (Partially true in the case of online cameras) Example: Why it is partially true? It's partially true because you are protecting only the camera administrative page which is also an important part. Still, you are not protecting the protocol used to control streaming media servers (Real-Time Streaming Protocol ( RTSP )). I have seen many online webcams whose administrative page is secured by strong credentials, but they forget to secure the RTSP protocol which gives me access to the streaming
Post a Comment
Read more