Tuesday, October 23, 2007

Email Forging made easy..

Lets see how to forge an email, its really tough nowdays,since you need to get a website which is less secured.Almost none of the websites allow this kinda mail forging. They are banned. The process is

1. Open a command prompt by clicking Start, Run, and type cmd in the box and press OK. You should get a black "Command Prompt" screen.

2. Find out the name of your ISP's mail server, normally mail.isp.com or smtp.isp.com.

3. Type telnet mail.isp.com 25. 25 is the port number most SMTP servers use.

4. When the mail server responds, you can start typing SMTP commands.

5. Start with HELO blahblah.isp.com. You may have to use your ISP's domain name for it to be accepted.

6. If it says 'pleased to meet you' or something like that, continue with the address you want the mail to come FROM. So, to forge mail from Bill Gates, type MAIL FROM: billg@microsoft.com.

7. If it says Sender OK, type who you want the mail to go to, i.e. your friends address. Type RCPT TO: yourfriend@isp.com

8. If it says Recipient OK, then you can type your message:

  • Type DATA and press Enter.
  • On the first line type Subject: yoursubject and press Enter twice.
  • Continue typing your message, such as 'I'm bill gates and want to send you a billion dollars'.
  • Put a single period (.) on a line by itself and press Enter to send your message. The server should say 'Message accepted for delivery'.
9. You are done. You have just forged an email, and the recipient should be receiving it shortly.

10. You can test to see if a given SMTP server is configured for forwarding by using online tools.



Now in this world where the technologies are increasing in the power of exponential each day, its really a big deal to carry the above process, the damn easy way is below



It does the job of all the telnet stuff :)


Now after forging the mail, its easy to reveal the identity of the sender i.e who forged the email. The reason is all the email which are sent have something called as email headers. The enabling process is explained here.

Its in the form

Received: from microsoft.com ( [124.211.3.11]) by mail.funmaza.edu (8.8.5) id 004A21; Tue, Oct 21 2007 14:36:17 -0800 (IST)
From: bill@microsoft.com (William Bill Gates)
To: manicksurya@gmail.com
Date: Tue, Oct 22 2007 14:36:14 IST
Message-Id: rth031897143614-00000298
mail.funmaza.edu>
X-Mailer: Loris v2.32
Subject: Hi

The IP address of the forger is clearly mentioned in the above mail header. To avoid revealing of identity you must log in to any of the proxy servers such as Proxy1 and switch from these to any other Proxy2 servers( for better security). Then if you do all these multi proxying things, and also caught i will take the responsibility and go to the prison :)

2 comments:

Deepak said...

Nice work dude...

But,It is easy to find out you are forging.View full header option in the mail shows your IP address....Even if you are using some Ip switcher it is not much of a help.It will show you are a forger.

I know a story.
Once my friend got a mail claiming to be from Billgates(!!) saying that he was placed in Microsoft.
But when the view full header was selected.He found that it was someone from our college library.
That proxy ip was there in the header.

How to forge without others finding that you are a forger?I need your comment on that.

surya said...

there are multiproxy software available da....thers no chance to reveal the identity using that softwares...if your friend had connected using www.hidemyass.com proxy server it shows up a chicago IP da so there will be more chance of making the fellow believe..