The main reason for SPAM
Mailsploit is a collection of bugs in email clients that allow effective sender spoofing and code injection attacks. The spoofing is not detected by Email Servers, therefore circumventing spoofing protection mechanisms SPAM filters.
Bugs were found in over 30 applications, including prominent ones like Apple Mail (MacOS, iOS and watchOS), Mozilla Thunderbird, various Microsoft email clients, Yahoo! Mail, ProtonMail and others.
In addition to the spoofing vulnerability, some of the tested applications also proved to be vulnerable to XSS and code injection attacks.
Attacker can create a valid email address whose username is actually an RFC-1342-encoded string:
From: =?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?==?utf-8?Q?=00?==?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@mailsploit.com
Decoded this becomes which contains null-byte (\0):
potus@whitehouse.gov\0(gov@whitehouse.gov)@mailsploit.com
The problem is most mail systems will ignore everything after null-byte (\0).
Thus potus@whitehouse.gov would be scanned ignoring the real exploit domain @mailsploit.com.
Thus when you reply to this email, it would choose first email.
Reply-To: potus@whitehouse.gov
Who does this affect ?
Mail Clients affected (see full actively maintained spreadsheet)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | Mozilla Thunderbird ≤ 52.5.0 / SeaMonkey ≤ 2.4.8 MACOS WINDOWS Mail for Windows 10 WINDOWS Microsoft Outlook 2016 MACOS WINDOWS Yahoo! Mail IOS Yahoo! Mail ANDROID [A bug bounty program that does not allow disclosure yet] ANDROID [A bug bounty program that does not allow disclosure yet] IOS Spark ≤ 1.4.1.392 MACOS Spark IOS ProtonMail ANDROID IOS Polymail MACOS Airmail ≤ 3.3.3 MACOS BlueMail ≤ 1.9.2.62 ANDROID TypeApp ANDROID IOS AquaMail ANDROID Opera Mail MACOS WINDOWS Postbox ≤ 5.0.18 MACOS WINDOWS Newton ANDROID MACOS WINDOWS Guerrilla Mail ANDROID Email Exchange + by MailWise ANDROID AOL Mail ANDROID TouchMail WINDOWS Mailbird WINDOWS |
Source
https://www.mailsploit.com/index
No comments:
Post a Comment