Vulnerability Report (DMARC RECORD)

arslan.whitehat at inbox.eu arslan.whitehat at inbox.eu
Thu Mar 18 10:55:06 GMT 2021


Hello Team, 
I am a security researcher and I found this vulnerability.
I just sent a forged email to my email address that appears to originate from kde-www at kde.org. I was able to do this because of the following DMARC record:

DMARC record lookup and validation for: kde.org
" No DMARC Record found "

How To Reproduce (POC: attached image):
1. Go to mxtoolbox.com/DMARC.aspx
2. Enter the website. Click Go.
3. You will see the fault (DMARC Quarantine/Reject policy not enabled)

Fix:
1) Publish a DMARC record.
2) Enable the DMARC Quarantine/Reject policy.
3) Your DMARC record should look like
"v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:info at domain.com"

For more information you can use this blog 
(https://sendgrid.com/blog/what-is-dmarc/).

<?php
$to = "VICTIM at example.com";
$subject = "Password Change";
$txt = "Change your password by visiting here - [VIRUS LINK HERE]l";
$headers = "From:kde-www at kde.org";
mail($to,$subject,$txt,$headers);

?>

Reference : https://www.knownhost.com/wiki/email/troubleshooting/setting-up_spf-dkim-dmarc_records


Let me know if you need me to send another forged email, or if you have any other questions.


Hoping for the bounty for my ethical disclosure.
Best Regards
Security Researcher
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kde DMARC RECORD.png
Type: application/octet-stream
Size: 124607 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-www/attachments/20210318/d8733422/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kde FORGED EMAIL.png
Type: application/octet-stream
Size: 51658 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-www/attachments/20210318/d8733422/attachment-0003.obj>
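
A defensive check for the kind of record discussed in the message above, as an added example that is not part of the original message: it parses the TXT values published at _dmarc.<domain> and lists enforcement gaps using the tag defaults from RFC 7489. The function names and the sample records (including the placeholder address reports@example.com) are constructed for illustration.

```python
# Added example (not from the original message): audit DMARC TXT values.
# Tag defaults follow RFC 7489; function names are illustrative.
VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(txt):
    """Return a tag dict for a DMARC TXT value, or None if it is not DMARC."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    # The v tag must come first and be exactly DMARC1 (spaces around '=' allowed)
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for part in parts:
        name, sep, value = part.partition("=")
        if not sep:
            continue  # skip a malformed tag that has no '='
        tags.setdefault(name.strip().lower(), value.strip())
    return tags

def audit_dmarc(txt_records):
    """List findings for the TXT values published at _dmarc.<domain>."""
    parsed = [t for t in map(parse_dmarc, txt_records) if t is not None]
    if not parsed:
        return ["no DMARC record published"]
    if len(parsed) > 1:
        return ["multiple DMARC records: receivers apply none of them"]
    tags, findings = parsed[0], []
    p = tags.get("p", "").lower()
    if p not in VALID_POLICIES:
        return ["missing or invalid p= tag"]
    sp = tags.get("sp", p).lower()          # sp defaults to p when absent
    pct_raw = tags.get("pct", "100")        # pct defaults to 100 when absent
    pct = int(pct_raw) if pct_raw.isdecimal() else -1
    if p == "none":
        findings.append("p=none: no action requested on failing mail")
    elif sp == "none":
        findings.append("sp=none: subdomains are exempt from enforcement")
    if not 0 <= pct <= 100:
        findings.append("pct is not an integer in 0..100")
    elif pct < 100 and p != "none":
        findings.append(f"pct={pct}: policy applied to only a share of failing mail")
    if "rua" not in tags:
        findings.append("no rua= tag: no aggregate reports requested")
    return findings

if __name__ == "__main__":
    # Constructed sample records; the report address is a placeholder.
    samples = (["v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:reports@example.com"],
               ["v=DMARC1; p=quarantine; pct=25"], ["v=spf1 -all"])
    for rec in samples:
        print(rec, "->", audit_dmarc(rec))
```

In practice the input list would be the TXT answers returned for `_dmarc.<domain>`; an empty list corresponds to the "No DMARC Record found" result quoted in the message.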

