The Story starts with our hero n00b coming home all frustrated and tired. It was a hard day at the office. It was his co-worker n00x who made his day terrible. n00b was too pissed off and he was thinking of some way to get even with n00x.
Finally he got the idea to spoof the email address of his boss and with that address, mail noox (brainy, noob!).

n00b works for a firm named firmA. He knows that all the three , he noox and the boss of the company have email account at the server of his company. Thats good! because his idea is going to work for spoofing to and from the mail addresses of the same domain.

He knows his email address was n00b@firma.com. that means he has the domain i.e firma.com

Now his first job is to get the address of the firmA's e-mail server.
Too small a task for our hero. he could have performed a nslookup query from hi command line. but he choose the easier way.

He visited http://centralops.net/co/DomainDossier.aspx . There he typed his domain name i.e firma.com and performed a "DNS Record". He got huge list of information about that domain. But amongst those what he needed was a record labeled MX meaning "Mail Exchange". There were several such records. He choosed one and noted the address of server. It was mail.firma.com (So Far, So good!).

Next he turns off the firewall, opens the command prompt and gives the command:

telnet mail.firma.com 25

He knows its important to input port no in the last part of the command and 25 is the default smtp server port. Even if this particular server used 25 as default smtp port, it is NOT necessary that every smtp server MUST use port 25. Many big services have there port something else. If n00b was to go for them, he would have researched everything on the net before planning the attack.

the connection starts and in the next screen he is greeted by the banner of the mail server which looked something like this

220 mail.firma.com ESMTP MAIL Service, Version: 6.0.3790.1830 ready at Tue, 19 jul 2007 14:44:12 -0500

(looks good!)

now he gives command:

helo firma.com

by this he introduced himself to the server. The server responded back:

mail.firma.com at your service

Next he types:

mail from: boss@firma.com

by this he tells the server is that his account is boss@firma.com.

In next command he defines recipient:

rcpt to: n00x@firma.com

Now he needs to compose the mail. he gives command to start the mail input:

data

He types his mail:

you are a real sucker. I am feed up. You are fired! just get lost.

now he presses enter followed by a "." ( period) and then enter again

The server says that the command was completed successfully. And sends his mail! and n00b walks out for a victory coke!


n00b was an experienced player. He knew that taking security precautions was necessary, coz if he slips, his IP address will be recorded in the log file on the server. He took many measures like doing all from behind a proxy server.



-n00b












DISCLAIMER: Everything posted here is for the educational purpose only. I am NOT responsible for your actions and whatever use you might bring this info into. Hacking is Illegal and Crime.



It is not for the newbies. if you don't know what you are doing you might slip and end up in a big mess! you have been warned. I'll never admit i did it (ofcourse, admitting will be like accepting your crime).