for those who don't know what a backscatter attack is: you send mass mails with a fake reply-to entry and non-existing recepient and the bounced mails are sent back to the victim you have set as sender/reply-to.
and now the funny part: I just did that to myself by importing a load of posts into a Wordpress site on my home server....the site has a mailing list and labeled all the imported posts as "new" and tried to send out notifications to all subscribers for each single post.
backscattered myself >.<
Re: backscattered myself >.<
LOL >_<
Which reminds me, I should put those in a separate mail folder xD
Which reminds me, I should put those in a separate mail folder xD
"The best place to hide a tree, is in a forest"
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Re: backscattered myself >.<
what you mean? you backscatter yourself on a regular basis? XD
Re: backscattered myself >.<
Well, no not really XDbad_brain wrote:what you mean? you backscatter yourself on a regular basis? XD
But you never know if people start getting ideas about this x)
"The best place to hide a tree, is in a forest"
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Re: backscattered myself >.<
erm...well....honestly speaking that little accident gave me some ideas...
Re: backscattered myself >.<
Yeah same here .... thus taking precautions xDbad_brain wrote:erm...well....honestly speaking that little accident gave me some ideas...
Never really thought about that before, so I guess most other people haven't either (so I'm in no rush to fix it)
"The best place to hide a tree, is in a forest"
Re: backscattered myself >.<
lol the boon of cut and paste - you never know what code lies hidden inside. or what applications will do with the paste..
hmm what ideas you guys got for lulz
DNR
hmm what ideas you guys got for lulz
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Re: backscattered myself >.<
well...mine is: a Wordpress site on a home server can be used as backscatter attack tool by using the "network publisher" plugin...
no need to code anything on your own, you just load a lot of bogus gmail addresses (simply create a list with a little shell script) into the subscriber database, hide behind a proxy and then load a thousand posts into the database (also easy to generate a sql dump of that kind). let's assume you have 1000 posts and 1000 "subscribers": generates 1.000.000 bounce messages sent to the address you have set as admin in the Wordpress backend.
oops, just checked and have to correct myself: it is NOT the "network publisher" plugin, it's the "subscribe 2" one:
no need to code anything on your own, you just load a lot of bogus gmail addresses (simply create a list with a little shell script) into the subscriber database, hide behind a proxy and then load a thousand posts into the database (also easy to generate a sql dump of that kind). let's assume you have 1000 posts and 1000 "subscribers": generates 1.000.000 bounce messages sent to the address you have set as admin in the Wordpress backend.
oops, just checked and have to correct myself: it is NOT the "network publisher" plugin, it's the "subscribe 2" one:
Code: Select all
http://subscribe2.wordpress.com/
Re: backscattered myself >.<
The ideas in this thread are getting dangerously funny xD
"The best place to hide a tree, is in a forest"
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Re: backscattered myself >.<
*educational purposes*