Spoofing Email with Telnet Telnet, as you may already know, is an insecure form of remote access. Passwords are sent in plain text, and many people remove it from their computers completely since it's buggy. But we can use it to our advantage - for instance MUDs (Multi User Dungeons - REALLY fun) or spoofing email. Spoofing email: 1. Open up your CL (Command Line) 2. Open up your web browser 3. go to www.centralops.net 4. click domain dossier 5. check all of the boxes, and type in the domain where the mail server lies (For instance, for ********* you would do www.******.us because the mail server is @********.us, get it?) 6. Take a look at the results. Down at the bottom of the page, there will be a list of the DNS records. Look for the type of MX (Mail eXchange) If there are multiple, we want the one with the lowest number. 7. Back to your command line - type in 'telnet MAILSERVER' 8. Now, try not to enter too many bad commands or you get disconnected. The good ones end in a reply saying '250' and some other stuff. 250 = good, anything else = bad 9. Greet the server... 'helo server' 10. Now, you can only send mail to those on the mail server, and only FROM those on the mail server. 11. type 'mail to XXXX' this is where you type in who the email is going to. sometimes you will need a colon after the 'to', but i have never found this to be true. 12. type 'rcpt from: XXXX' yes there's a colon here but not up there ^^^^ this is who the email will be from (where you actually get spoofing). This address has to be an address that is located on the mail server. 13. type 'data' this will return no response. 15. type 'From: XXXXX' this is where you will type what you want the spoofee to see the mail is from. Example: When you send an email to your friend, he will see that the mail is from 'Joe Bob' and/or 'joe.bob@evilpeople.net'. The 14. type 'Subject: XXXX' 15. type your message 16. end it with , a '.', and . 17. type 'RSET' 18. type 'NOOP' 19. type 'QUIT' and your done!