[Bah-guinda] [Bah-general] Missing SPF
secure head
securehead53 at gmail.com
Mon Jul 26 23:31:42 CEST 2021
Hi,
I'm an independent cybersecurity researcher. I have found multiple issues on
your website.
Vulnerability: Missing SPF
I was just looking at your SPF records and found the following. The SPF records
are missing safe checks, which can allow me to send mail and easily phish any
victim.
PoC:
<?php
$to = "VICTIM@example.com";
$subject = "Password Change";
$txt = "Change your password by visiting here - [VIRUS LINK HERE]";
$headers = "From: https://www.alidropstore.com/";
mail($to,$subject,$txt,$headers);
?>
paste your result here
SPF record lookup and validation for: ourproject.org
SPF records are published in DNS as TXT records.
The TXT records found for your domain are:
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org ~all
google-site-verification=5X82i4YusPOi9SFgcLejX0p5zr-RVkAeMjIcKD6-11E
keybase-site-verification=6IadbJzgiOL0KIQiLqw_1e9vPEVXhXiOE1PrikgmhgY
Checking to see if there is a valid SPF record.
DNS: Truncated UDP Reply, SPF records should fit in a UDP packet, retrying TCP
Found v=spf1 record for ourproject.org:
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org ~all
evaluating...
SPF record passed validation test with pySPF (Python SPF library)!
Fix:
paste your result here
SPF record lookup and validation for: ourproject.org
SPF records are published in DNS as TXT records.
The TXT records found for your domain are:
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org -all
google-site-verification=5X82i4YusPOi9SFgcLejX0p5zr-RVkAeMjIcKD6-11E
keybase-site-verification=6IadbJzgiOL0KIQiLqw_1e9vPEVXhXiOE1PrikgmhgY
Checking to see if there is a valid SPF record.
DNS: Truncated UDP Reply, SPF records should fit in a UDP packet, retrying TCP
Found v=spf1 record for ourproject.org:
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org -all
evaluating...
SPF record passed validation test with pySPF (Python SPF library)!
You can refer to this:
https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability
Let me know if any further info is required.
Regards.
I found more bugs on your website. Reply to me so that I may disclose them
further, and tell me the payout for these responsible vulnerability
disclosures.
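The following is an added check, not the poster's code and not tooling from the list or from ourproject.org. It audits an SPF record offline for the two properties this thread actually turns on: the qualifier on the final "all" term (the proposed fix changes ~all to -all) and the RFC 7208 limit of ten DNS-querying terms, which the quoted record sits exactly at (one mx plus nine a: mechanisms). The two records are copied from the lookup output above; no DNS queries are made, and the finding texts are this example's own wording.

```python
"""Offline SPF record audit (added example for the thread above).

Checks (1) the qualifier on the trailing 'all' term and (2) the number of
DNS-querying terms against the RFC 7208 section 4.6.4 limit of ten.
No DNS lookups are performed; the record text is all that is inspected.
"""

# Mechanisms and modifiers that each cost one DNS lookup (RFC 7208 s.4.6.4).
LOOKUP_TERMS = {"a", "mx", "include", "exists", "ptr", "redirect"}
LOOKUP_LIMIT = 10

# What each qualifier on 'all' means for a sending host not matched earlier.
ALL_MEANING = {
    "+": "pass: every host on the internet is authorized",
    "?": "neutral: no policy, receivers treat it as absent",
    "~": "softfail: accepted and at most marked as suspicious",
    "-": "fail: receivers may reject outright",
}

# Both records are copied verbatim from the lookup output quoted in the thread.
RECORD_BEFORE = (
    "v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 "
    "ip4:168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 "
    "a:snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org "
    "a:ada.comunes.org a:stallman.comunes.org a:rms.comunes.org "
    "a:selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org ~all"
)
RECORD_AFTER = RECORD_BEFORE[:-4] + "-all"   # the fix proposed in the thread


def parse_terms(record):
    """Split a record into (qualifier, name, argument) triples.

    Mechanisms get their explicit or default ('+') qualifier; modifiers such
    as redirect= or exp= carry no qualifier and are stored with ''.
    """
    tokens = record.split()
    if not tokens or tokens[0].lower() != "v=spf1":
        raise ValueError("not a v=spf1 record")
    terms = []
    for tok in tokens[1:]:
        if "=" in tok:                          # modifier, e.g. redirect=_spf.example
            name, arg = tok.split("=", 1)
            terms.append(("", name.lower(), arg))
            continue
        qualifier = "+"                         # RFC default when none is written
        if tok[0] in "+-~?":
            qualifier, tok = tok[0], tok[1:]
        name, _, arg = tok.partition(":")
        name = name.split("/", 1)[0].lower()    # strip a CIDR suffix on bare a/mx
        terms.append((qualifier, name, arg))
    return terms


def audit_spf(record):
    """Return {'all': qualifier or None, 'lookups': int, 'findings': [str]}."""
    terms = parse_terms(record)
    findings = []
    all_qualifier = None
    lookups = sum(1 for _, name, _ in terms if name in LOOKUP_TERMS)

    for i, (qual, name, _) in enumerate(terms):
        if name == "all" and qual:
            all_qualifier = qual
            # Anything with a qualifier after 'all' is a mechanism that can never match.
            if any(q for q, _, _ in terms[i + 1:]):
                findings.append("mechanisms after 'all' are never evaluated")
            break

    if all_qualifier is None:
        findings.append("no 'all' term: unlisted senders get a neutral result")
    elif all_qualifier in "+?":
        findings.append("'%sall' authorizes every sender; use -all" % all_qualifier)
    elif all_qualifier == "~":
        findings.append("'~all' only softfails spoofed mail; use -all once every "
                        "legitimate sender is listed")

    if lookups > LOOKUP_LIMIT:
        findings.append("%d DNS lookups exceeds the limit of %d: receivers return "
                        "permerror and the record protects nothing" % (lookups, LOOKUP_LIMIT))
    elif lookups == LOOKUP_LIMIT:
        findings.append("%d DNS lookups is exactly the limit; one more a/mx/include "
                        "term breaks the record" % lookups)

    return {"all": all_qualifier, "lookups": lookups, "findings": findings}


if __name__ == "__main__":
    for label, rec in (("before", RECORD_BEFORE), ("after", RECORD_AFTER)):
        result = audit_spf(rec)
        print("%s: %s, %d lookups" % (label, ALL_MEANING[result["all"]], result["lookups"]))
        for finding in result["findings"]:
            print("  -", finding)
```

Run against the two quoted records it reports the ~all softfail on the first and nothing about the qualifier on the second, but it flags both as sitting at exactly ten DNS-querying terms: the switch to -all hardens the policy, yet the next a: or include: added to that record would push it over the limit and make receivers return permerror, which is the point the thread's validator output does not make.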