
Security bounty & audit overview of Centrifuge

Centrifuge - #2 Vulnerability Report (Missing SPF Flag) #3

Closed roony0072 closed 1 year ago

roony0072 commented 5 years ago

Hello Team,

Vulnerability Name: Missing SPF Flag

Vulnerability Description:
An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. Checking for a missing SPF record: there are various ways of checking a website for a missing SPF record, but the most common and popular way is kitterman.com.

Steps to check SPF records on a website: enter the target website, e.g. target.com (do not add https/http or www), and hit "Check SPF" (if any).

Attack Scenario & PoC:

Once there is no SPF record, an attacker can spoof email via any fake mailer like Emkei.cz or https://anonymousemail.me/. An attacker can send an email from the name "Support" and the email "support@target.com". With a social engineering attack he can take over the user's account. The victim may know about phishing attacks, but when he sees the email from the authorized domain, he gets tricked easily.

Vulnerable Domain: centrifuge.io

For testing I am forging admin@centrifuge.io.

How to reproduce this:

  1. Go to https://emkei.cz/

  2. Fill in all the details like Name - Centrifuge, email - admin@centrifuge.io, to - your email address, and send the email.

It will directly send a mail from admin@centrifuge.io to you.

You can check SPF Record details on mxtoolbox.com. https://mxtoolbox.com/spf.aspx

Providing you a screenshot.

Regards, Rohan Patil
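As an added defender-side example (not part of the report or of the Centrifuge project), the check below evaluates a domain's published TXT records the way a receiving mail server reads them: it distinguishes the missing-record condition described in this report from a record that exists but is weak (`+all`, `?all`, `~all`, or no `all` term), flags multiple SPF records and the RFC 7208 limit of 10 DNS-lookup terms. The sample records are constructed; in practice, feed it the TXT records returned by a DNS query for the domain.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Terms that each cost a DNS lookup; RFC 7208 section 4.6.4 caps them at 10 per check.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


@dataclass
class SpfAssessment:
    present: bool
    all_qualifier: Optional[str] = None      # "+", "-", "~" or "?" on the "all" mechanism
    lookups: int = 0
    issues: List[str] = field(default_factory=list)


def assess_spf(txt_records: List[str]) -> SpfAssessment:
    """Judge the SPF policy found in a domain's TXT records without touching the network."""
    spf = [r for r in txt_records if re.match(r"^v=spf1(\s|$)", r, re.IGNORECASE)]
    if not spf:
        # The condition in the report: receivers have no policy to check a sender against.
        return SpfAssessment(False, issues=["no SPF record: senders cannot be checked"])
    result = SpfAssessment(True)
    if len(spf) > 1:
        result.issues.append("multiple SPF records: receivers treat this as permerror")
    for term in spf[0].split()[1:]:
        # Optional qualifier, mechanism/modifier name, then ":", "=" or "/" and its argument.
        m = re.match(r"^([+\-~?]?)([a-z0-9]*)", term, re.IGNORECASE)
        qualifier, name = (m.group(1) or "+"), m.group(2).lower()
        if name in LOOKUP_TERMS:
            result.lookups += 1
        if name == "all":
            result.all_qualifier = qualifier
    if result.all_qualifier is None and not any(t.lower().startswith("redirect=") for t in spf[0].split()):
        result.issues.append("no 'all' term: unlisted senders get a neutral result")
    elif result.all_qualifier == "+":
        result.issues.append("'+all' authorises every host to send as this domain")
    elif result.all_qualifier == "?":
        result.issues.append("'?all' is neutral, equivalent to publishing no policy")
    elif result.all_qualifier == "~":
        result.issues.append("'~all' softfails: spoofed mail is flagged, not rejected")
    if result.lookups > 10:
        result.issues.append(f"{result.lookups} lookup terms exceed the limit of 10")
    return result


# Constructed sample TXT records (not real DNS data) covering the states a receiver sees.
SAMPLES = {
    "none": ["site-verification=placeholder"],
    "softfail": ["v=spf1 include:_spf.example.com ~all"],
    "hardfail": ["v=spf1 ip4:192.0.2.0/24 mx -all"],
    "permissive": ["v=spf1 +all"],
}
```

Only a `-all` record with no issues means a forged sender will be rejected on SPF alone; a `~all` record needs a DMARC policy to turn the softfail into a rejection.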

gpmayorga commented 1 year ago

All recommended TXT records related to security are set in the centrifuge.io domain, including SPF; one can see it on the same link @roony0072 was suggesting: https://mxtoolbox.com/SuperTool.aspx?action=spf%3acentrifuge.io&run=toolpage

Sending using the forge tool mentioned also draws no results (the email never gets to me).