Follow us on Twitter!
One mans freedom fighter, another's terrorist.
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 23
Guests Online: 19
Members Online: 4

Registered Members: 82876
Newest Member: bhl1986
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

e-mail spoofing.....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-12-09 11:02
i received an e-mail from an old classmate i don't know how he did it but he spoofed the sending e-mail to be 10. address. how was it done any hints because i can't find any way to spoof any other header than date, time, name, and from. any help would be appreciated headers are below








Delivered-To: **********@gmail.com
Received: by 10.114.146.7 with SMTP id t7cs524427wad;
Wed, 2 Dec 2009 12:27:06 -0800 (PST)
Return-Path: <**********@gmail.com>
Received-SPF: pass (google.com: domain of ***********@gmail.com designates 10.231.166.12 as permitted sender) client-ip=10.231.166.12;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of *************@gmail.com designates 10.231.166.12 as permitted sender) smtp.mail=***********@gmail.com; dkim=pass header.i=**********@gmail.com
Received: from mr.google.com ([10.231.166.12])
by 10.231.166.12 with SMTP id k12mr977000iby.48.1259785624171 (num_hops = 1);
Wed, 02 Dec 2009 12:27:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=domainkey-signature:mime-version:received:in-reply-to:references
Grinate:message-id:subject:from:to:content-type;
bh=P52HAoMOYDkWapZVP+Fp4NA3J9JejsgFW7iLpSKrAaw=;
b=BLvXopi+tJheTErg2rbFneamWv/HJ2r4x7wF3eJtMqVkey2hQvvhCF5v457vo43Cm/
juzRaJ0DQqexQ2r8kC5b8OjBNhd5QZ8VYMJ+99Ny8oBdlXBPhADKKDvqw3ECUZ3Ju7E/
hGlUj+6RkFwXzJEQ6yFb3itHTkwMlGFiHh/G0=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=gamma;
h=mime-version:in-reply-to:referencesGrinate:message-id:subject:from:to
:content-type;
b=NHw2SpYAcXvER9vmAlPYq4w3hukrlMPaFx9kQzsUiJ2LQ1fOMglmlJbWfxnlob+jGR
8SH53Z2ChmqKLKUzx9aF0EmEfIWpzCmyjlSSkT3MrYfNSv9+FoN2W6+vDRcFioBCqn9J
Kvjt535uU17O4W3GbG80xpOCnUaQOyA4B3JUs=
MIME-Version: 1.0
Received: by 10.231.166.12 with SMTP id k12mr977000iby.48.1259785624164; Wed,
02 Dec 2009 12:27:04 -0800 (PST)
In-Reply-To: <36c6f6360611091102x401d12b7p1b11e2ef40c8bbd9@mail.gmail.com>
References: <36c6f6360610291611o161bb1a0n3638e5c5b543f119@mail.gmail.com>
<36c6f6360610300913l666d2861ie1ebc2d4d6c8cf50@mail.gmail.com>
<36c6f6360610301032q7bf52650x29183337f3192631@mail.gmail.com>
<36c6f6360611091102x401d12b7p1b11e2ef40c8bbd9@mail.gmail.com>
Date: Wed, 2 Dec 2009 13:27:04 -0700
Message-ID: <8196d9d10912021227n1aa4b05av58a91a36f1c63b0@mail.gmail.com>
Subject: Re:
From: <********@gmail.com>
To: <**********@gmail.com>
Content-Type: multipart/alternative; boundary=001636c923929f1aee0479c4b214
Author

RE: e-mail spoofing.....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-12-09 15:38
314 wrote:
i received an e-mail from an old classmate i don't know how he did it but he spoofed the sending e-mail to be 10. address. how was it done any hints because i can't find any way to spoof any other header than date, time, name, and from. any help would be appreciated headers are below


He spoofed the sending email to be 10...?




Edited by ynori7 on 30-12-09 15:43
Author

RE: e-mail spoofing.....

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 30-12-09 22:33
wolfmankurd wrote:
314 wrote:
i received an e-mail from an old classmate i don't know how he did it but he spoofed the sending e-mail to be 10. address. how was it done any hints because i can't find any way to spoof any other header than date, time, name, and from. any help would be appreciated headers are below


He spoofed the sending email to be 10...?


I believe he is refering to the IP of the client. It starts with a 10.*****


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: e-mail spoofing.....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-12-09 23:33
I haven't had much experience in email spoofing but my guess is he might have used putty with a proxy.


Author

RE: e-mail spoofing.....

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 31-12-09 00:02
I'm not a routing expert, but to me it doesn't seemed spoofed at all. 10.0.0.0 is a reserved address block for private networks (ie: LAN's). Some email clients send the email to the exchange server with the address as the address they were given by the router. Since the machine has no clue what it's external IP is, it simply has to use the IP it was assigned (which happens to it's the internal IP). You can configure your mail client to send different addresses or even hostnames, if I remember correctly.

So, to me, this isn't any spoofing attempt or someone trying to hide themselves, just someone with a unconfigured mail client.

Hope that helps Smile


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .

Edited by stealth- on 31-12-09 00:04
http://www.stealth-x.com
Author

RE: e-mail spoofing.....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 31-12-09 00:21
stealth- wrote:
I'm not a routing expert, but to me it doesn't seemed spoofed at all. 10.0.0.0 is a reserved address block for private networks (ie: LAN's). Some email clients send the email to the exchange server with the address as the address they were given by the router. Since the machine has no clue what it's external IP is, it simply has to use the IP it was assigned (which happens to it's the internal IP). You can configure your mail client to send different addresses or even hostnames, if I remember correctly.

So, to me, this isn't any spoofing attempt or someone trying to hide themselves, just someone with a unconfigured mail client.

Hope that helps Smile


Lmao.


Author

RE: e-mail spoofing.....

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 31-12-09 02:13
wolfmankurd wrote:
stealth- wrote:
I'm not a routing expert, but to me it doesn't seemed spoofed at all. 10.0.0.0 is a reserved address block for private networks (ie: LAN's). Some email clients send the email to the exchange server with the address as the address they were given by the router. Since the machine has no clue what it's external IP is, it simply has to use the IP it was assigned (which happens to it's the internal IP). You can configure your mail client to send different addresses or even hostnames, if I remember correctly.

So, to me, this isn't any spoofing attempt or someone trying to hide themselves, just someone with a unconfigured mail client.

Hope that helps Smile


Lmao.


I'm sorry? What's funny?


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: e-mail spoofing.....


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-01-10 03:31
That there was no spoofing. And this guy has been racking his brains over it.


Author

RE: e-mail spoofing.....

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 01-01-10 09:26
wolfmankurd wrote:
That there was no spoofing. And this guy has been racking his brains over it.


Oh I see. Lol, thought I had said something really stupid in my earlier post for a moment Pfft


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .

Edited by stealth- on 01-01-10 09:28
http://www.stealth-x.com