GCS Learn
Deauth Attack: Defense and Attack
Author - GIGOCYBERSPACE
Republished - 21 October 2024
In email spoofing, the attacker forges the sender's email address, making it appear as if the message originated from a different person or organization. Espoofer has the ability to spoof email address using it's tools. And what more it can bypass SPF/DKIM/DMARC authentication.
Espoofer has special features like spoofing email even with authentication. But for you to meet the requirements must me have port 25 open and not block by your ISP. Also there are three more you use to initiate this attack:
- Server Mode(which is default configuration) - This requires n IP address and port 25 not blocked by your ISP
- Client mode - Must have an account with the victim(for example the hacker must have an account in Gmail if the victim address is vitcim@gmail.com)
- Manual mode - For debug purposes
But in this tutor, we will use Client Mode for simplicity.
Install Espoofer
Install Espoofer from the tool from GitHub by typing:
git clone https://github.com/chenjj/espoofer
And install the required modules in pip with the command:
pip install -r requirements.txt
Setting up the Config File
You need to set the configuration in a python file called config.py to set for example the receiver's and sender's email, your password, email to be spoofed and case id. Your case id is like how espoofer would treà treat the spoofing and attack. The case id case_a1 is the would convenient case being used. Other case ids are:
Set the configuration file something like this:
config ={
“legitimate_site_address”: b”<_email_to_spoof>”,
“victim_address”: b”<vitcim_email>”,
“case_id”: b”<case_id_mostly_client_a1>″,
“client_mode”: {
“sending_server”: (“smtp.gmail.com”, 587), # SMTP sending serve ip and port
#Your Real Email and Password
“username”: b”<your_real_email>”,
“password”: b”<your_passward_here>”,
},
}
Launch Vector
Now we've set up the config file, it is time to launch the attack vector. Please just note that the SMTP server should be your own message server and not the receiver's.
Now type this to launch the attack:
python3 espoofer.py -m c
The execution will try to execute, once this is executed if everything requirements are meant, the email, will be spoofed to the host. If not seen in inbox, check your spam and promotion tab.
