Do you know free or anything, I am trying to practice email spoofing through Kali but I tried SMTP2go, sendgrid, mailjet but none of them work. I always get “Unable to establish a connection with the SMTP server. Try again.”
If you know any SMTP server that I can use that works with KALI it would be much appreciated. Thanks
The error log indicates that the server is unable to establish a connection with the mail host. This could be due to networking issues on your server or on the mail host, although there are other potential reasons for the connection to fail as well.
I want to tell you about this attack. like, how it is possible to change your Email header and send it to a VALID email.
there is a port called SMTP(server mail transfer protocol). it is a port that enables communication between two devices with Email. Email Spoofing is like a bug in SMTP.
for example, your friend is Sam and his Email address [email protected] . if try to email him, the SMTP will ask us to input OUR EMAIL and then it will ask us the FRIEND's EMAIL.
now we can type anything in the place of our email. because it doesn’t check it. it checks the address on which the message is to be sent.
now that you know how the Email Spoofing Attack works, we can start the practical. I am using Kali Linux tool, SET(social engineering toolkit). this attack can also be done by the android. STEPS:
fire up your Kali Linux and start SET
press 1 to select social engineering attacks
press 5 to mass mailer attack and select 1 to send to a particular target
when you will press 1 then it will ask you for a target Email Address. input the address and press ENTER
it is an important step so read it carefully.
now it will ask you for an SMTP server. it is important to choose relay server by pressing 2 .
but the thing is you don’t have an SMTP relay server. SMTP Relay is a service that routes email through a trusted 3rd party to deliver your email.
you can google about free relay servers. I will recommend you smtp2go.com
go to the website and create an account & go to the settings page and create a user.
you will user, password, the SMTP server(smtp2go) and port.
now it will ask you to enter an Email and Name that the victim will see as an email header. you can type any email you want.
then you will be asked for username and password of the SMTP relay server. you just created it in step5.
now you will have to enter the relay server domain and port which are mail.smtp2go.com 2525
and we will select higher priority yes
and you can choose the subject of Email as you like
after that, it comes on email. it asks for the HTML or plain to type in the email. we can type p for plain.
now you can type your message for the Email and you want to end it, just type END .
if you have done everything great, it should look like this(sorry for the mail server)
Sendemail on kali linux using smtp2go for are server and send it to your target so lets talk of a few ways this can be used in
1: Phishing : Yes this method is used mostly in Phishing attacks they attack will email you that your account was was hacked and for you two change your password u click the link and think your signing in but really your gaving us the password and email
2: to deliver a payload. You can use this method to deliver payloads to target
3: using it with Beef-xss . you can all use this to perform a browser attack with beef -xss
there a few ways if i was to write the whole list the post will never end this attack is most common and the most knowing but yet people still fall for it.
getting set up
first of all we need to sign up to smptp2go account so when ya get that done move on to the next step SMTP2GO
Now we clone sendmail of github git clone https://github.com/mogaal/sendemail.git
now let change to sendmail file so type cd sendmail
now what we do it type ./sendemail --help
so we wanna send the email to target first of all we type sendemail -f [email protected] -t [email protected] -u Someone Has Your Password -m Someone has your password this last sign in location and ip click here to reset your password -s mail.smtp2go.com:2525 -xu [email protected] -xp ********
-f is the email u wanna use
-t is the targets email
-u is the subject of the email
-m is the message of the email we you can add links
-s u add thte smtp server url and posts
-xu is the email you use to log in
-xp is the password of the server