Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20211
HistoryJul 22, 2008 - 12:00 a.m.

E-Mail header Injection in HiFriend

2008-07-2200:00:00
vulners.com
22
JSON

-------Header Injection----------

Script: hifriend.pl
Vendor: Hibyte
SoftwareVersion: The free one you get from many webpages
Dork: "hifriend.pl" + "cgi-bin"

---------------Infos---------------

This Exploit allows you to:

  • send spam
  • send fakemails
  • E-Mail spoofing

Whit the google dork, you find a lot of pages using HiFriend.
A lot of Servers to send spam with.
Modify the source of the Exploit to change the message, your
spoofed e-mail, and the receiver.

Oh and you can send multiple mails!
Just put a comma behind a mail adress.

--------------Exploit---------------

http://perforin.dark-codez.com/Perl-Scripts/hifriend-xploit.txt

---------Visit & Greetings--------

www.DarK-CodeZ.com

Greetings to all my Friends ;)

Testen Sie Live.com - die schnelle, personalisierte Homepage, ΓΌber die Sie auf alle fΓΌr Sie
relevanten Inhalte zentral zugreifen kΓΆnnen.
http://www.live.com/getstarted

JSON