Preventive Measure

  • Validate every input with an allowlist (whitelist) of permitted characters or formats before it is used to build a mail message.
  • Reject any value that contains newline characters (CR `\r` or LF `\n`); these are what let an attacker start a new mail header.
  • Use an email library that validates header values; many of them refuse line breaks in headers and so defend against this attack automatically.
  • Never trust user input: validate every field, not just the obvious ones.
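The checks listed above, as an added example that is not from the original article: a small validator for a hypothetical feedback form whose `name` and `email` fields end up in mail headers. It rejects control characters (including a lone CR), allowlists the shape of the sender address, and is exercised against a few constructed submissions, one honest and three carrying injected line breaks. The field names, regular expressions and sample values are assumptions made for the example.

```python
"""Header-injection guard for a feedback form (example, not the article's code).

SMTP header injection relies on smuggling CR/LF into a field that the server
copies into a mail header. The fix is to reject line breaks (and other control
characters) before the value reaches the mail library, and to allowlist the
shape of fields whose format is known, such as the sender's address. Validate
the decoded value the framework hands you, not the raw percent-encoded form.
"""
import re

# Allowlist for a plain single address (assumption: no display names allowed).
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
# CR, LF, NUL and every other ASCII control character. A bare CR is enough to
# start a new header line on some servers, so CR and LF are both rejected.
CONTROL_RE = re.compile(r"[\x00-\x1f\x7f]")


class HeaderInjectionError(ValueError):
    """Raised when a form value is unsafe to place in a mail header."""


def validate_header_value(field, value, max_len=200):
    """Return the value if it is a short, control-character-free string."""
    if not isinstance(value, str):
        raise HeaderInjectionError(f"{field}: expected a string")
    if len(value) > max_len:
        raise HeaderInjectionError(f"{field}: longer than {max_len} characters")
    if CONTROL_RE.search(value):
        raise HeaderInjectionError(f"{field}: control character in header value")
    return value.strip()


def validate_email(value):
    """Control-character check first, then the address allowlist."""
    value = validate_header_value("email", value)
    if not EMAIL_RE.fullmatch(value):
        raise HeaderInjectionError("email: not a single plain address")
    return value


def build_feedback_headers(form):
    """Build the headers the hypothetical form would put in the outgoing mail."""
    return {
        "From": validate_email(form.get("email", "")),
        "Subject": "Feedback from " + validate_header_value("name", form.get("name", "")),
    }


def is_safe(form):
    """True if the submission passes every check, False if it was rejected."""
    try:
        build_feedback_headers(form)
        return True
    except HeaderInjectionError:
        return False


# Constructed sample submissions: one honest, three with injected line breaks.
SAMPLES = {
    "honest": {"name": "Alice", "email": "alice@example.com"},
    "crlf_bcc": {"name": "Alice\r\nBcc: everyone@example.com", "email": "alice@example.com"},
    "lf_only": {"name": "Alice", "email": "alice@example.com\nCc: mallory@example.com"},
    "bare_cr": {"name": "Alice\rSubject: spam", "email": "alice@example.com"},
}


def main():
    for label, form in SAMPLES.items():
        try:
            headers = build_feedback_headers(form)
            print(f"{label}: accepted {headers}")
        except HeaderInjectionError as exc:
            print(f"{label}: rejected ({exc})")


if __name__ == "__main__":
    main()
```

The order of the checks matters: the control-character test runs on every header-bound field, and the address allowlist is applied on top of it, so a value that is syntactically a valid address but carries a trailing line break is still rejected. Rejecting the whole submission (rather than stripping the offending characters and continuing) keeps the failure visible in logs, where a burst of rejected feedback submissions containing CR/LF is a useful detection signal.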

SMTP Injection

SMTP stands for Simple Mail Transfer Protocol. It is an application-layer protocol that handles the sending, receiving and relaying of emails between mail servers. A client that wants to send an email first opens a TCP connection to the SMTP server and then transmits the message over that connection.


Example:

Suppose an application presents the following form for submitting feedback:...

Steps performed in an SMTP injection attack:

Step 1: Enter details in the feedback form as shown in the SMTP example above.
Step 2: Use any interception tool such as Burp Suite to intercept the request you make.
Step 3: Inject malicious input into this captured request.
Step 4: Now send the infected email request as shown below....
