#timolongin — Public Fediverse posts

Timo Longin @login introduces SMTP smuggling, a novel technique to spoof fully SPF-validated emails from various popular domains including @microsoft.com.

Wow. It's incredible nobody found this before. It's the first of its kind. Probably not the last...!

https://youtu.be/V8KPV96g1To

Related:
https://media.ccc.de/v/37c3-11782-smtp_smuggling_spoofing_e-mails_worldwide
https://www.postfix.org/smtp-smuggling.html
https://www.malwarebytes.com/blog/news/2024/01/explained-smtp-smuggling

#SmtpSmuggling #37C3 #SMTP #vulnerability #infosec #TimoLongin #security

SPF-valid spoofed mail from [email protected] 😈 ?

Timo Longin @login stumbled upon SMTP Smuggling while looking for vulnerabilities in the Simple Mail Transfer Protocol.

Great work and great talk!

#Smtp #SmtpSmuggling #TimoLongin #37c3

https://media.ccc.de/v/37c3-11782-smtp_smuggling_spoofing_e-mails_worldwide

Everyone attending #SECConsult #TimoLongin's #37c3 #SMTPSmuggling talk
https://events.ccc.de/congress/2023/hub/en/event/smtp_smuggling_spoofing_e-mails_worldwide/
at least boo them for shitting the devs in the face right before holidays.

Everyone attending #SECConsult #TimoLongin's #37c3 #SMTPSmuggling talk
https://events.ccc.de/congress/2023/hub/en/event/smtp_smuggling_spoofing_e-mails_worldwide/
at least boo them for shitting the devs in the face right before holidays.

Everyone attending #SECConsult #TimoLongin's #37c3 #SMTPSmuggling talk
https://events.ccc.de/congress/2023/hub/en/event/smtp_smuggling_spoofing_e-mails_worldwide/
at least boo them for shitting the devs in the face right before holidays.