What is IP / Mail Spoofing? | How can we do this?

Shezzar

Shezzar

Üye
20 Ocak 2019
89
3
C#


Ty718G.jpg


What is IP?

The IP adress is simply the identity of the device. An IP address consists of four numbers separated by dots, for example your ip address is 00.00.000.000. IP Address allows a computer on the internet to be easily found by other devices.

39PWCT.jpg


What is Mail?

Electronic maill (e-mail) is a type of communication that enables voice, text, image or different file transfer via the internet. This technology, which enables very fast communication is frequently preferred in business or personal use.

What is Spoofing?

Spoofing is sending TCP/IP packets over any IP address. The target that receiving the package containing the fake IP packet cannot know this IP adress is real or not and they usually don't investigate this.

4UUW6M.jpg


What is IP Spoofing?

It is an incognito method often used by malicious hackers. Another use is to be anonymous using someone's IP without putting the tool in the connection.

JNIfWB.jpg


What is Mail Spoofing?

Mail Spoofing is to deceive the victim by sending an e-mail from an e-mail address. Usually scammers use it. Sometimes it can be used in situations where one on one contact with the victim is required, such as social engineering and information gathering. However, it is not a very good method.

How to do IP & Mail spoofing?

There are many tools written for this. The most used tool is below.
https://github.com/mikechabot/smtp-email-spoofer-py

This tool is the best tool for those doing this job. Let's use it now.


2xHSBO.jpg


Installation

git clone https://github.com/mikechabot/smtp-email-spoofer-py

cd smtp-email-spoofer-py

pip3 install -r requirements.txt

python3 spoof.py -h


Let's run it with the command. It is simple to use but since I do not have an hacked machine, I can tell you untill here.

So if it has such a simple use, how can we be protected?

KA5O5S.jpg


How can we be protected?

The most important thing in such matters is awareness and attention.

1- If you have any doubts about the legality of an email, make a phone call to confirm that the information is correct and that it really came from the sender.

2- When visiting a website, pay attention to how the website looks and behaves.

3- If the site looks suspicious to you, leave the site without sharing any personal information. If you really need to contact the company, contact the company directly instead of website.

4- On internet giveaways, gifts etc. sites are used to grab people's attention and steal their information. Stay away from these sites.

5- Do not open e-mails without SPF registration. If you need to open it anyway, you need to be sure that they are verified company.

6- If you are doubt about the file, application, link etc. sent to you in the e-mail. Do not open it or take a look at the virus scan.



Translator: Shezzar
Source: https://www.turkhackteam.org/sosyal...spoofing-nedir-nasil-yapilir.html#post9165600
 
Cevap yazmak için giriş yap yada kayıt ol.
Üst

Turkhackteam.org internet sitesi 5651 sayılı kanun’un 2. maddesinin 1. fıkrasının m) bendi ile aynı kanunun 5. maddesi kapsamında "Yer Sağlayıcı" konumundadır. İçerikler ön onay olmaksızın tamamen kullanıcılar tarafından oluşturulmaktadır. Turkhackteam.org; Yer sağlayıcı olarak, kullanıcılar tarafından oluşturulan içeriği ya da hukuka aykırı paylaşımı kontrol etmekle ya da araştırmakla yükümlü değildir. Türkhackteam saldırı timleri Türk sitelerine hiçbir zararlı faaliyette bulunmaz. Türkhackteam üyelerinin yaptığı bireysel hack faaliyetlerinden Türkhackteam sorumlu değildir. Sitelerinize Türkhackteam ismi kullanılarak hack faaliyetinde bulunulursa, site-sunucu erişim loglarından bu faaliyeti gerçekleştiren ip adresini tespit edip diğer kanıtlarla birlikte savcılığa suç duyurusunda bulununuz.