[Bah-tagonius] [Bah-general] Missing SPF

Secure Web secureweb23 en gmail.com
Mie Ene 27 13:08:07 CET 2021


Hi,

I'm an independent cyber security researcher i have found multiple issues
in your website.

Vulnerability : Missing SPF


I am just looking at your SPF records then found following. SPF Records
missing safe check which can allow me to send mail and phish easily any
victim.

PoC:

<?php

$to = "VICTIM en example.com";

$subject = "Password Change";

$txt = "Change your password by visiting here - [VIRUS LINK HERE]l";

$headers = "From: https://www.alidropstore.com/";

mail($to,$subject,$txt,$headers);

?>

  SPF record lookup and validation for: ourproject.org

SPF records are published in DNS as TXT records.

The TXT records found for your domain are:
google-site-verification=5X82i4YusPOi9SFgcLejX0p5zr-RVkAeMjIcKD6-11E
keybase-site-verification=6IadbJzgiOL0KIQiLqw_1e9vPEVXhXiOE1PrikgmhgY
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:
168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:
snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:
ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:
selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org ~all

Checking to see if there is a valid SPF record.

DNS: Truncated UDP Reply, SPF records should fit in a UDP packet, retrying
TCP

Found v=spf1 record for ourproject.org:
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:
168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:
snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:
ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:
selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org ~all

Fix:

    SPF record lookup and validation for: ourproject.org

SPF records are published in DNS as TXT records.

The TXT records found for your domain are:
google-site-verification=5X82i4YusPOi9SFgcLejX0p5zr-RVkAeMjIcKD6-11E
keybase-site-verification=6IadbJzgiOL0KIQiLqw_1e9vPEVXhXiOE1PrikgmhgY
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:
168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:
snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:
ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:
selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org -all

Checking to see if there is a valid SPF record.

DNS: Truncated UDP Reply, SPF records should fit in a UDP packet, retrying
TCP

Found v=spf1 record for ourproject.org:
v=spf1 mx ip4:168.119.136.67/32 ip4:159.69.75.86/32 ip4:159.69.75.87/32 ip4:
168.119.136.88/32 ip4:168.119.136.79/32 ip4:80.81.122.32/27 a:
snowden.comunes.org a:snowden-02.comunes.org a:howard.comunes.org a:
ada.comunes.org a:stallman.comunes.org a:rms.comunes.org a:
selver.comunes.org a:ci.comunes.org a:mailhost.ourproject.org -all

You can refer this
https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability

Let me know if any further info is required.
Regards.
Found More bugs on your website reply me so that i may disclose them
further.
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://lists.ourproject.org/pipermail/bah-tagonius/attachments/20210127/2be245a1/attachment.html>
------------ próxima parte ------------
_______________________________________________
Bah-general mailing list
Bah-general en lists.ourproject.org
https://lists.ourproject.org/cgi-bin/mailman/listinfo/bah-general


Más información sobre la lista de distribución Bah-tagonius