Sign in to follow this  
Followers 0
markilark

Gmail E-mail Address Spoofing

23 posts in this topic

Well this is my first post, although i am a longtime reader of the forums....anyway...

So apparently Gmail has implimented a new feature in gmail that allows you to change the address that the receiver sees, or as they put it: "customize the 'From:' address on outgoing mail". I am thinking the spoofing posibilities are endless...

here is a pic:

gmailaddy2wa.jpg

Edited by markilark
0

Share this post


Link to post
Share on other sites
they're prolly not gonna let you fake the headers, though....

--cid

but complete retards wont look at the headers...

0

Share this post


Link to post
Share on other sites

google is trying to expand into the phishing and spamming community. Very interesting, taking over the world, one thing at a time...

0

Share this post


Link to post
Share on other sites

"Click 'Next Step >>,' and then click 'Send Verification' to complete the process. Gmail will send a verification message to your other email address to confirm that you'd like to add it to your Gmail account. You'll need to click the link in that message, or enter the confirmation code in the 'Accounts' section of your Gmail account, to complete the process. Once you've verified that you'd like to add the address to your account, you can start sending messages using your custom 'From:' address."

You would have to get around that

0

Share this post


Link to post
Share on other sites
"Click 'Next Step >>,' and then click 'Send Verification' to complete the process

You would have to get around that

from what i understand, that is only if you want the reply to that email that you sent to go to your spoofed address, then you would need a conformation.

0

Share this post


Link to post
Share on other sites
from what i understand, that is only if you want the reply to that email that you sent to go to your spoofed address, then you would need a conformation.

Nope...

From Google:

Before you can send mail as *****@****.***, we need to verify that you own this email address. To perform the verification click "Send Verification". We will then send an email to santa@erty.com with instructions on how to verify your address.
0

Share this post


Link to post
Share on other sites
Before you can send mail as *****@****.***, we need to verify that you own this email address. To perform the verification click "Send Verification". We will then send an email to santa@erty.com with instructions on how to verify your address.

Did you just censor your e-mail address and then forget to censor out the second instance of it? Just checking... :D

edit: spelling. I don't want to get on Strom's bad side. =)

Edited by ziptree
0

Share this post


Link to post
Share on other sites

Um, no, I purposly wrote the second one also. If you really want to, go ahead and sign santa@erty.com up for as much midget porn as you would like, I don't think it even exists...

Edited by Perf-149
0

Share this post


Link to post
Share on other sites
google is trying to expand into the phishing and spamming community. Very interesting, taking over the world, one thing at a time...

Google wont take over the world. Google will take over the internet. I think thats there goal.

0

Share this post


Link to post
Share on other sites
can somone tell me if its possible to hack into a gmail account?

sure it tells you how to do it with kazaa++++++++ in the thread that is pinned that is entitled " WARNING AGAINST CERTAIN ACTIVITY! THERE IS NOTHING ILLEGAL HERE!"

0

Share this post


Link to post
Share on other sites

Why do people want to "hack" hotmail, yahoo mail, gmail etc.? It seems stupid...

Spoofing mail is a very easy thing to do. Simply telnet to smtp.mail.server (port 25 is default for SMTP), and you can pretty much learn how to use it from the 'help' command.

"mail from:" and "rcpt to:" are to set sender address and recipient address, respectively.

Keep in mind, this will only work on open relays. Often, your ISP-provided SMTP server will allow you to relay messages. To the best of my knowledge, the only form of verification used by most ISPs to guard their mail relays is hostname-based. In other words, so long as you are coming from a *.cox.net address, you will have access to Cox's mail relay. This leaves the door open to IP-spoofing as a method of accessing the relay.

Some ISPs use various AUTH methods to protect their mail relays. I know verizon.net does, at least.

0

Share this post


Link to post
Share on other sites

Whilst on the subject of gmail could someone with an account send me an invitation please so I can take a look at it and experiment a little.

Many Thanks

zerodata

zerodata@angel-x.co.uk

0

Share this post


Link to post
Share on other sites
Whilst on the subject of gmail could someone with an account send me an invitation please so I can take a look at it and experiment a little.

Many Thanks

zerodata

zerodata@angel-x.co.uk

Sent

0

Share this post


Link to post
Share on other sites
google is trying to expand into the phishing and spamming community. Very interesting, taking over the world, one thing at a time...

Google wont take over the world. Google will take over the internet. I think thats there goal.

Well, right now, the internet = the world.

And while I am speaking to you, change your location now biotch! It was mine first!

EDIT - 100 Posts, Yay

Edited by Perf-149
0

Share this post


Link to post
Share on other sites
google is trying to expand into the phishing and spamming community. Very interesting, taking over the world, one thing at a time...

Google wont take over the world. Google will take over the internet. I think thats there goal.

Well, right now, the internet = the world.

And while I am speaking to you, change your location now biotch! It was mine first!

EDIT - 100 Posts, Yay

true

0

Share this post


Link to post
Share on other sites

There is a site... crap I forget the address, just google around or something, you just enter and email address and it sends you an automatic gmail invite, they have the number of gmail invites left in their database and stuff, it's neat

EDIT: http://www.bytetest.com/

Edited by jedibebop
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0