How to Forge Email

Want a computer you can telnet into and mess around with, and not get into trouble no matter what you do to it? I've set up my techbroker.com (206.61.52.33) with user xyz, password testtest for you to play with. Here's how to forge email to xyz@techbroker.com using telnet. Start with clicking start --> run --> Command.com or cmd.com and give the command:

C:\>telnet techbroker.com 25 (in Windows 98 or earlier there will be a box into which you put the port 25 number)

Connecting To Techbroker.com

220 <techbroker.com> Service ready

Now you type in who you want the message to appear to come from:

helo santa@techbroker.com
Techbroker.com will answer:

250 <techbroker.com> host ready

Next type in your mail from address:

mail from:santa@techbroker.com

250 Requested mail action okay, completed

Your next command:

rcpt to:xyz@techbroker.com
250 Requested mail action okay, completed

Your next command:
data

354 Start main input; end with <CRLF>.<CRLF>

Newbie note: <CRLF> just means hit return. In case you can't see that little period between the<CRLF>s, what you do to end composing your email is to hit enter, type a period, then hit enter again.

Anyhow, try typing:

This is a test.
.

250 Requested mail action okay, completed

quit

221 <techbroker.com> Service closing transmission channel

Connection to host lost.

Using techbroker's mail server, even if you enable full headers, the message we just composed looks like:

Status: R
X-status: N

This is a test.

That's a pretty pathetic forged email, huh? No "from", no date. However, you can make your headers better by using a trick with the data command. After you give it, you can insert as many headers as you choose. The trick is easier to show than explain:

220 <techbroker.com> Service ready
helo santa@northpole.org
250 <techbroker.com> host ready
mail from:santa@northpole.com
250 Requested mail action okay, completed
rcpt to:xyz@techbroker.com
250 Requested mail action okay, completed
data
from:santa@deer.northpole.org
Date: Mon, 21 Oct 2002 10:09:16 -0500
Subject: Rudolf
This is a Santa test.
.

250 Requested mail action okay, completed
quit
221 <techbroker.com> Service closing transmission channel

Connection to host lost.

The message then looks like:

from:santa@deer.northpole.org
Date: Mon, 21 Oct 2002 10:09:16 -0500
Subject: Rudolf
This is a Santa test.

The trick is to start each line you want in the headers with one word followed by a colon, and the a line followed by "return". As soon as you write a line that doesn't begin this way, the rest of what you type goes into the body of the email.

Notice that the santa@northpole.com from the "mail from:" command didn't show up in the header. Some mail servers would show both "from" addresses.

You can forge email on techbroker.com within one strict limitation.
Your email has to go to someone at techbroker.com. If you can find any way to send email to someone outside techbroker, let us know, because you will have broken our security, muhahaha! Don't worry, you have my permission.

Next, you can read the email you forge on techbroker.com via telnet.

First, some of the people who read email on this account have gotten infected with viruses, which in turn have sent viruses to this account. So you antivirus program will go nuts when reading lots of the email here. To read *just* the email you just forged, you will first want to find out how many emails total are in this account. Most of them will just be viruses. Yours will be the last or almost last (more viruses will come in often) in the account.

C:\>telnet techbroker.com 110

+OK <30961.5910984301@techbroker.com> service ready

Give this command:
user xyz
+OK user is known

Then type in this:
pass testtest
+OK mail drop has 112 message(s)

OK, so do you want to make sure that message 112 is yours and not some virus? here is how to tell. Long messages are usually viruses. Yours, presumably, was short. Here is the command that tells you how long the messages are: UIDL. The numbers will include letters of the alphabet, A, B, C, D, E and F and look like this:, with the number of the message on the left hand column:

105 410F821D
106 0013EF7F
107 158D4208
108 099C70B4
109 3E4E611B
110 2A726505
111 69D74CB4

This is hexadecimal, the base 16 numbering scheme used by many things having to do with computers. You don't have to do anything fancy to figure out what that hexadecimal number means in order to identify the size of your email if you used common sense and made it little.

In any case, if you use telnet to read an email that holds a virus, despite your antivirus program acting nuts, it won't infect your computer so don't worry.

All that said, here's how to read email using telnet.

retr 1
+OK message follows
This is a test.

If you want to know all possible commands for using telnet on a POP email server, give this command:

help
+OK help list follows
USER user
PASS password
STAT
LIST [message]
RETR message
DELE message
NOOP
RSET
QUIT
APOP user md5
TOP message lines
UIDL [message]
HELP

Of course you could use your own email client program to download email from this account, and you have my permission to download and delete all the email you want as well as forge it. However, doing it this way instead of via telnet is boring and most unhackerly.

Unless you use a weird online provider like AOL, you can use these same tricks to send and receive your own email. Or you can forge email to a friend by telnetting to his or her online provider's email sending computer(s). You may not be able to do this with any random email server, but you may be surprised to find out how many will let you do this.

Last Page             Next Page         Back To Secret Stuff Page


Free Credit Reports
Free DMV Links
Free Real Estate Forms
Free Secret Info Page
Free Crime Protection
Free Legal Forms
Free Classified Links
Free Auction Site Links
Free Business Forms
Free Government Programs
Free Web Business Ideas
Free Real Estate Reports
Free HTML Tutorial
Free Software Sources
Free Business Reports
Free Real Estate Glossary
Free Web Art
Car Tips