Daniel G. Graham Ph.D

Office Rice 411

Email Spoofing HomeWork

Notes

  1. IMPORTANT You will need to be attached to UVA VPN [Intructions]
  2. Your program must not take user input (although you can do that during testing). It must only send a single pre-defined email.
  3. You should work on this project individually but if you already started working in teams that is O.K since the instructions were not clear. But each person should submit a copy of the code to collab including the screenshot.
  4. Download Metasploitable3 Virtual Machine

Project 1: Sending an Email

This project is divided into two parts. In the first part, you use telnet to manually send mail through an SMTP mail server. In the second part, you write code to perform the same action. While the first part is not graded, it is recommended that you do it as it makes the second part easier.

Part 0: Sending Email with Telnet (to a real SMTP server)

When you do this project, you should try to send an email to yourself.. In this case, the following command will establish a TCP connection to the cs mail server. (Notice that the port number 25 is specified on the command line.)

telnet mail.cs.virginia.edu 25

At this point, the telnet program will allow you to enter SMTP commands and will display the responses from the mail server. For example, the following sequence of commands would send email to Marques from Charlotte:

HELO crepes.fr
MAIL FROM: <Charlotte@crepes.fr>
RCPT TO: <Marques@someschool.edu>
DATA
SUBJECT: hello
Hi Marques, How's the weather? Charlotte.
.
QUIT

The SMTP protocol was originally designed to allow people to manually interact with mail servers in a conversational manner. For this reason, if you enter a command with incorrect syntax, or with unacceptable arguments, the server will return a message stating this, and will allow you to try again.

501 5.5.4 Syntax: MAIL FROM:

Once you have completed this exchange you will notice that the CS server has rejected this message as SPAM. So test your solution you are going need to testing on your own mail server. See Part 1 below.

Part 1: Setting up your own mail server

To demonstrate this, we will setup up a metasploitable server.

  1. Download the free version of vmplayer. (You can also use virtual box if you already have it installed or just like it more.)
  2. Download the metasploitable vm Metasploitable3 Virtual Machine
  3. (Username msfadmin Password: msfadmin)
  4. Obtain the IP-address of your virtual machine (ifconfig)
  5. You will use the virtual machine for part 2. Where you will write a program that sends this message for you. Send your message to <sys> this mail server will not act as a relay.
  6. Edit the settings on your virtual machine and change the Network Adapter Bridged (This exposes your machine to rest of your network so you don’t keep this machine up when you are not using it) (Restart the machine)

This is an Ubuntu Server that has a poorly configured SMTP server running on it. (Allows for telnet connection for example. This makes our life easier but is generally not a secure option)

To check to see if your mail spoofing worked. View the code for sys mailbox on the METAsplotiable machine, by running the code in the figure below.

sudo cat /var/spool/mail/sys

 

Part 2: Sending Email with Code

Programming languages often provide libraries for sending an email using the SMTP protocol, however, we will not be using these! We will instead be using a TCP socket directly and manually interacting with an SMTP mail server.

Your code should establish a TCP connection with the mail server, send the necessary commands to send a predefined email, and ensure that the correct response codes are received from the mail server.

You may write your code in Python3. See the code snippets below.  The server comes with a couple accounts already on it. You can send to <sys> (Don’t include any domains)


#!/usr/bin/env python3

# Include needed libraries. Do _not_ include any libraries not included with
# Python3 (i.e. do not use `pip`).
import socket


# Establish a TCP connection with the mail server.


# Read greeting from the server
data = s.recv(BUFFER_SIZE)
response = data.decode('utf-8')

if not response.startswith('220'):
	raise Exception('220 reply not received from server.')

# Send HELO command and get server response.
cmd_HELO = 'HELO alice\r\n'
print(cmd_HELO)
s.send(cmd_HELO.encode())

response = s.recv(4096).decode('utf-8')
print(response)

if not response.startswith('250'):
    raise Exception('250 reply not received from server.')


# Send MAIL FROM command.


# Send RCPT TO command. You will send to <sys> which account on the VM.


# Send DATA command.


# Send message data.


# End with line with a single period.


# Send QUIT command.


# Close the socket when finished.
s.close()

Submit

Submit a screenshot after running that command. With sensing message from cheif@cia.gov to sys

sudo cat /var/spool/mail/sys

 

%d bloggers like this: