Recipient email address not printed in mail client
ismokaka opened this issue · comments
ismokaka commented
Jianjun Chen commented
Looks like the To
header is missing in the message data. Please provide the full console log printed by espoofer so that I can help you.
ismokaka commented
Find below the full log printed (for privacy i changed my own domain by XXX.YY):
Start sending emails...
Connecting ('45.55.104.203', 25)
>>> 220 12c7dd814f66 ESMTP Haraka/2.8.26 ready
<<< ehlo helo.XXX.YY
>>> 250-12c7dd814f66 Hello Unknown [127.0.0.1]Haraka is at your service.
250-PIPELINING
250-8BITMIME
250-SMTPUTF8
250 SIZE 16777000
<<< mail from: <any@mailfrom.notexist.mydomain.com>
>>> 250 sender <any@mailfrom.notexist.mydomain.com> OK
<<< rcpt to: <xinah68067@naymio.com>
>>> 250 recipient <xinah68067@naymio.com> OK
<<< data
>>> 354 go ahead, make my day
<<< From: <admin@mydomain.com>
<xinah68067@naymio.com>Testing EspooferDate: Fri, 12 Mar 2021 14:57:55 +0000
Content-Type: text/plain; charset="UTF-8"
MIME-Version: 1.0
Message-ID: <1538085644648.096e3d4e-bc38-4027-b57e-87A0AE@message-ids.XXX.YY>
X-Email-Client: https://github.com/chenjj/espoofer
Just Testing. Regards
.
>>> 250 Message Queued (754E166F-87AF-4545-BC73-CFCF419852C9.1)
<<< quit
>>> 221 12c7dd814f66 closing connection. Have a jolly good day.
Finished.
The config.py file is :
config = {
"attacker_site": b"XXX.YY", # attack.com
"legitimate_site_address": b"admin@mydomain.com", # From header address displayed to the end-user
"victim_address": b"xinah68067@naymio.com", # RCPT TO and message.To header address,
"case_id": b"server_a1", # You can find all case_id using -l option.
# The following fields are optional
"server_mode":{
"recv_mail_server": "", # If no value, espoofer will query the victim_address to get the mail server
"recv_mail_server_port": 25,
"starttls": False,
},
"client_mode": {
"sending_server": ("smtp.gmail.com", 587),
"username": b"attacker@gmail.com",
"password": b"",
},
# You can customize the email message header or body here
"subject_header": b"Testing Espoofer",
"to_header": b"<xinah68067@naymio.com>", # e.g., <alice@example.com>
"body": b"Just Testing. Regards",
# Set the raw email message you want to sent. It's used for replay attacks
"raw_email": b"",
}
Jianjun Chen commented
Please try to change
"subject_header": b"Testing Espoofer",
"to_header": b"<xinah68067@naymio.com>", # e.g., <alice@example.com>
to
"subject_header": b"Subject: Testing Espoofer\r\n",
"to_header": b"To: <xinah68067@naymio.com>\r\n", # e.g., <alice@example.com>
ismokaka commented
It works now.
Thanks, we can close the issue.