Email Spoofing?

When i tried the setoolkit in kali linux to send email to even after doing everything correctly i was not able to send email. It says email has been sent but actually nothing happens and when i try to send email i need the senders email id and password both… That means the email id provided has to be authentic. Is there any way i could send an email to an user from a email that actually does not even exist??

1 Like

@DarkLord Can you explain about your attack? Give more detail and I may be able to help you out better.

Yes man , you can get disposable email addresses online . And if that doesn’t work then make use of yandex.com . This website provides email services and you can create a fake email account very easily . No need of a mobile number. But make sure that you won’t create an account in this website in the device you use regularly. Because when you sign-up the website asks you to allow to save a cookie . This cookie has an ability to uniquely identify your device. So be careful and while signing up make sure that you use a tor network and proxychains with vpn . And also make sure that you aren’t using your regular internet source , make use of a public WiFi.

2 Likes

@Cyber_saviour I think @DarkLord is talking something different here. But if you wan’t to use a fake email service you can use this: https://emkei.cz/

2 Likes

@D4rkhunt3r No , i guess he was talking something about sending a mail which never existed before to someone . But fortunately this website can also do the job . So some how you are right .

serveo link not generated in shellphish, so noob of me :joy: anyone can help?

https://10minutemail.com/10MinuteMail/index.html?dswid=3781

1 Like

Try ngrok link. It always work. If the problem continues then re-install shellphish or try another phishing framework

2 Likes

Thanks a lot… i did not knew about this service… It is cool. But i think if it logs in cookies that could uniquely identify my system? Is it that safe?

i am afraid that link is not working for me… Any ways thanks for the help, but i was more of searching for something in kali linux. May be a good git hub repository could do that. Because signing in a website is some what not safe i suppose which may compromise my anonymity.

Basically i am talking about social engineering. Say for example i am an employee of a company and i think my fellow colleague is back stabbing me by making some conspiracy with my boss. So i want to send him an email as my boss’s email id. So that when he receives the email, it should appear that it came from his boss. Just to take out some truth about him or may be i can implant a malware into his system and setup a backdoor to gain access to all the information he has.

I hope that explains a scenario what I want to do.
Thank You

If you use a Vpn you should stay anonymous even if it was to collect cookies, It was also created for privacy the email addresses are void after 10 mins. Make it a habit to clear Ur cookies as a lot of places are watching them for future advertisements and sales along with other things. Just giving options :slight_smile: another place is Mail.com :wink:

10minutemail service is better than all of this… but does it allow to make any domain of my choice?

How safe/secure/private is 10MinuteMail?

Unlike many similar temporary e-mail services, 10MinuteMail is built around privacy and security. You get a private unique e-mail address that no one else gets. You are the only person who can see that e-mail’s inbox. No one else can see your e-mail. Period.

No It just generates a random one for u… I’m sure if u clicked in and out of the site it would keep changing until u got one u liked.

U may need to go buy a domain. senerio being “BOSS @ company name. com”. Just look thru the domains see if anything is close to ur bosses email address, Or one that is simular to ur company domain. If that makes sense. :wink:

2 Likes

@DarkLord Mouse is correct in saying to buy a domain close to your company domain you are testing. “Example” if your bosses email was [email protected] you would look to buy the domain targetcompany.co . If the domain is available you buy it and set up email creating the email [email protected] and send email to your target.

1 Like

u can use tempmail to send email to other person but its not actually yours its like fake id for few min

Dance like no one is watch…Email like it’s going to be read in a deposition some day…

1 Like

you hack any email or not

I made a PHP SMTP based email spoofer its on my github alls you need is PHP installed and SMTP on a server.

https://github.com/lol0wned

1 Like