Skip to content

mikechabot/smtp-email-spoofer-py

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

smtp-email-spoofer-py

Python 3.x based email spoofer

For educational purposes only. Do not send to or from addresses that you do not own.

Email spoofing is often used for spam campaigns and phishing attacks. If you use this tool inappropriately, you could violate of the CAN-SPAM Act of 2003 and/or the Computer Fraud and Abuse Act. You'd also be committing wire fraud. Use your head.


Table of Contents

  1. $ git clone https://github.com/mikechabot/smtp-email-spoofer-py.git
  2. Activate virtualenv
  3. $ pip install -r requirements.txt
  4. $ python spoof.py

Instructions on creating and activating virtualenv can be found here: https://packaging.python.org/guides/installing-using-pip-and-virtual-environments/

smtp-email-spoofer-py offers two global commands: wizard and cli:

$ py spoof.py -h
usage: spoof.py [-h] {wizard,cli} ...

Python 3.x based email spoofer

optional arguments:
  -h, --help    show this help message and exit

commands:
  {wizard,cli}  Allowed commands
    wizard      Use the step-by-step wizard
    cli         Pass arguments directly

Issue the wizard command to use the step-by-step wizard:

$ py spoof.py wizard
  1. Enter the SMTP server information to establish a connection over TLS:

logo

  1. Optionally provide credentials to login to the SMTP server:

logo

  1. Compose the forged message:

Load the HTML message body from a file, or compose it within the shell

logo

  1. Send the message:

logo


Issue the cli -h command to view the help:

$ py spoof.py cli -h
usage: spoof.py cli [-h] (--noauth | --username USERNAME)
                    [--password PASSWORD] --host HOST --port PORT --sender
                    SENDER --name NAME --recipients RECIPIENTS
                    [RECIPIENTS ...] --subject SUBJECT --filename FILENAME

optional arguments:
  -h, --help            show this help message and exit
  --noauth              Disable authentication check
  --username USERNAME   SMTP username
  --password PASSWORD   SMTP password (required with --username)

required arguments:
  --host HOST           SMTP hostname
  --port PORT           SMTP port number
  --sender SENDER       Sender address (e.g. spoofed@domain.com)
  --name NAME           Sender name (e.g. John Smith)
  --recipients RECIPIENTS [RECIPIENTS ...]
                        Recipient addresses (e.g. victim@domain.com ...)
  --subject SUBJECT     Subject line
  --filename FILENAME   Message body filename (e.g. example.html)
  1. Issue the cli command along with the appropriate arguments:

If --noauth is not specified, --username and --password are required.

logo


Result

logo

Releases

No releases published

Packages

No packages published