Exploitation/Hunting of a Missing SPF (Sender Policy Framework) Record by Kidnapshadow

Hey reader, today's blog is about the missing SPF (Sender Policy Framework) record on a website. First, I will cover the background concept of SPF.

#1 Background concept of a missing or insufficient SPF record

SPF record by kidnapshadow

According to Google, Sender Policy Framework, or SPF, is a technical standard that helps protect email senders and recipients from spam, spoofing and phishing. It is a form of email authentication.

Specifically, it defines a way to validate that an email message was sent from an authorized mail server, in order to detect forgery and to prevent spam. It was designed to supplement SMTP, the basic protocol used to send mail, because SMTP does not itself include any authentication mechanisms.

#2 What is SPF record?

An SPF record is included in an organization's DNS database. It is a specially formatted version of a standard DNS TXT record.

An SPF record looks like this:

v=spf1 a include:_spf.google.com -all
  • v=spf1 is SPF version 1, the component that identifies a TXT record as an SPF record.
  • a authorizes the hosts listed in the A record of the domain to send email.
  • include: authorizes the senders permitted by another domain's SPF record (here, _spf.google.com) to send email on behalf of the domain.
  • -all tells the receiving server that addresses not listed in this SPF record are not authorized to send any email. It also tells the server to reject mail from such addresses.

Tip: if a website/domain publishes an SPF record, it is protected by SPF; when the SPF record is missing, the website/domain is vulnerable.

#3 How to check whether a domain has an SPF record

There are many online websites for checking SPF records. Some are listed below.

1. http://www.kitterman.com/

2. https://mxtoolbox.com/

Go and check whether the website has an SPF record or not!
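The same check can be done locally once you have a domain's TXT records. The following is an added example, not code from the original post. It goes one step beyond the missing-record case and also flags records that exist but are too weak to stop forgery. The function name audit_spf, the status labels and the sample domains and TXT strings are assumptions constructed for illustration.

```python
# Added example. All TXT strings below are constructed sample data.

def audit_spf(txt_records):
    """Return (status, reason) for a domain given its DNS TXT strings."""
    # A TXT record is an SPF record only if its first term is exactly v=spf1.
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return "missing", "no SPF record published"
    if len(spf) > 1:
        # RFC 7208: more than one SPF record is a permanent error.
        return "invalid", "multiple SPF records published"
    terms = spf[0].lower().split()[1:]
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        # redirect= is only honoured when no "all" mechanism is present.
        if any(t.startswith("redirect=") for t in terms):
            return "delegated", "policy comes from the redirect= target"
        return "weak", "no 'all' term, unlisted senders get a neutral result"
    first = all_terms[0]
    qualifier = first[0] if first[0] in "+-~?" else "+"  # bare "all" means +all
    return {
        "-": ("strict", "unlisted senders fail and can be rejected"),
        "~": ("weak", "softfail: unlisted senders are usually still accepted"),
        "?": ("weak", "neutral: the record makes no statement about others"),
        "+": ("open", "every host on the internet is authorized"),
    }[qualifier]

# Constructed sample input: domain -> TXT records as a DNS lookup returns them.
SAMPLES = {
    "strict.example": ["v=spf1 a include:_spf.google.com -all"],
    "soft.example": ["site-verification=abc", "v=spf1 include:_spf.google.com ~all"],
    "open.example": ["v=spf1 +all"],
    "none.example": ["site-verification=abc"],
    "dup.example": ["v=spf1 a -all", "v=spf1 mx -all"],
}

if __name__ == "__main__":
    for domain, txt in SAMPLES.items():
        status, reason = audit_spf(txt)
        print(f"{domain:16} {status:10} {reason}")
```

Only the "strict" result gives receivers a clear instruction to reject mail from unlisted servers; every other status is worth reporting to the domain owner.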

#4 Exploitation of SPF record

You can use any fake mailer to forge mail from a vulnerable website/domain.

Go to any fake mailer and send mail as the website/domain.

Thanks for reading the blog. kidnapshadow (sidharth)

If you like the blog, tweet on Twitter @kidnapshadow_kd

and subscribe on YouTube.