Hi team
I found this vulnerability
in your website :gptconsole.ai
Vulnerability Type: Email Spoofing Due to No Valid SPF record
I found out that there is no protection for your SMTP against email spoofing for the Following.
info@gptconsole.ai
POC :
Attached
As a result, An attacker would send a Fake email from: info@gptconsole.ai
The victim is aware of fake emails attacks, But when he sees that the mail originated from: info@gptconsole.ai , He has no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his ABOVE VULNERABLE DOMAINS Sensitive Informations.
TEST SCRIPT:
<?php
$to = "VICTIM@email.com";
$subject = "[URGENT] VULBERA WEB PASSWORD RESET LINK or Payment request";
$txt = "Click here! - [VIRUS LINK HERE]";
$headers = "From: attacker@VulnerableDOMAINabove.com";
mail($to,$subject,$txt,$headers);
?>
Impact
Case 1 :
we can Send Fake Email Of Password Reset link where we can attached out fake page to extract password of Victim
Case 2 :
Fake Payment Request From Department Like if attacker send email that he needs $500 or more For the Following work blah blah on the following paypal or etc and send it To Admin
Using Email like
info@gptconsole.ai
So the admin or payment head will see that this email came from his own domain from their payment department and he can send it due to a trusted domain name.
Hi team I found this vulnerability in your website :gptconsole.ai Vulnerability Type: Email Spoofing Due to No Valid SPF record
I found out that there is no protection for your SMTP against email spoofing for the Following. info@gptconsole.ai
POC : Attached
As a result, An attacker would send a Fake email from: info@gptconsole.ai The victim is aware of fake emails attacks, But when he sees that the mail originated from: info@gptconsole.ai , He has no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his ABOVE VULNERABLE DOMAINS Sensitive Informations.
TEST SCRIPT:
<?php $to = "VICTIM@email.com"; $subject = "[URGENT] VULBERA WEB PASSWORD RESET LINK or Payment request"; $txt = "Click here! - [VIRUS LINK HERE]"; $headers = "From: attacker@VulnerableDOMAINabove.com"; mail($to,$subject,$txt,$headers); ?>
Impact
Case 1 :
we can Send Fake Email Of Password Reset link where we can attached out fake page to extract password of Victim
Case 2 :
Fake Payment Request From Department Like if attacker send email that he needs $500 or more For the Following work blah blah on the following paypal or etc and send it To Admin Using Email like info@gptconsole.ai
So the admin or payment head will see that this email came from his own domain from their payment department and he can send it due to a trusted domain name.
Looking after your response Thanks.