What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

More Email Forging

Trying 129.24.96.10...
 Connected to callisto.unm.edu.
 Escape character is '^]'.
 220 callisto.unm.edu Smail3.1.28.1 #41 ready at Fri, 12 Jul  96 12:17 MDT

Hey, get a look at this! It didn't ask us to log in. It just says...ready!

Notice it is running Smail3.1.28.1, a program used to compose and send email.

Ohmigosh, what do we do now? Well, if you really want to look sophisticated, the next thing you do is ask callisto.unm.edu to tell you what commands you can use. In general, when you get on a strange computer, at least one of three commands will get you information: "help," "?", or "man." In this case I type in:

 help

 ... and this is what I get

250 The following SMTP commands are recognized:
250
250    HELO hostname      startup and give your hostname
250    MAIL FROM:<sender address>  start transaction from sender
250    RCPT TO:<recipient address>    name recipient for message
250    VRFY <address>           verify deliverability of address
250    EXPN <address>                expand mailing list address
250    DATA                          start text of mail message
250    RSET                        reset state, drop transaction
250    NOOP                              do nothing
250    DEBUG [level]              set debugging level,default 1
250    HELP                           produce this help message
250    QUIT                              close SMTP connection
250
250 The normal sequence of events in sending a message is to state the
250 sender address with a MAIL FROM command, give the recipients with
250 as many RCPT TO commands as are required (one address per command)
250 and then to specify the mail message text after the DATA command.
250 Multiple messages may be specified.  End the last one with a QUIT.

Getting this list of commands is pretty nifty. It makes you look really kewl because you know how to get the computer to tell you how to hack it. And it means that all you have to memorize is the "telnet <hostname> 25 " and "help" commands. For the rest, you can simply check up on the commands while on-line. So even if your memory is as bad as mine, you really can learn and memorize this hack in only half an hour. Heck, maybe half a minute.

OK, so what do we do with these commands? Yup, you figured it out, this is a very, very primitive email program. And guess why you can get on it without logging in? Guess why it was the point of vulnerability that allowed Robert Morris to crash the Internet?

Port 25 moves email from one node to the next across the Internet. It automatically takes incoming email and if the email doesn't belong to someone with an email address on that computer, it sends it on to the next computer on the net, eventually to wend its way to the person to who this email belongs.

Sometimes email will go directly from sender to recipient, but if you email to someone far away, email may go through several computers.

There are millions of computers on the Internet that forward email. And you can get access to almost any one of these computers without a password! Furthermore, as you will soon learn, it is easy to get the Internet addresses of these millions of computers.

More how to forge email -->>


Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

 

Return to the index of Guides to (mostly) Harmless Hacking!

 © 2013 Happy Hacker All rights reserved.