SPF (Sender Policy Framework) Vulnerability
There are an enormous number of vulnerabilities out there, but today I'm going to discuss a very common and basic vulnerability known as SPF.
SPF may be classed as an Informational or Out of Scope vulnerability most of the time, but Bug Bounty programs on HackerOne do pay money for reporting this vulnerability.
SPF stands for Sender Policy Framework. With this vulnerability, the official mail domain can be forged to send fake mails using an official mail address. This generally happens due to a small mistake by developers in the TXT records.
The record should end with a dash, as in "v=spf1 -all", but instead of the dash '-' sign they use the tilde '~' sign.
Due to this vulnerability, anyone can send a mail to a legitimate user via the legitimate mail domain address. Since this violates the authenticity of the mail, it can be very harmful.
Some websites also use DMARC (Domain-based Message Authentication, Reporting & Conformance) to counter this, as it will send those mails directly to spam. So, before reporting, always check whether they have activated DMARC.
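The two checks described above (the qualifier on `all` in the SPF record, then the DMARC policy) can be scripted. This is an added example, not part of the original post: the function names and the sample records are constructed for illustration, and it assumes you have already fetched the TXT records for the domain and for `_dmarc.<domain>` (for instance with `dig +short TXT`).

```python
import re

ENFORCING = {"quarantine", "reject"}  # DMARC policies that act on failing mail

def spf_all_qualifier(txt_records):
    """Qualifier on the SPF 'all' mechanism: '-', '~', '?', '+', or None."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # none, or several (receivers treat several as an error)
        return None
    for term in spf[0].lower().split()[1:]:
        m = re.fullmatch(r"([-+~?]?)all", term)
        if m:
            return m.group(1) or "+"  # a bare "all" means "+all" (pass)
    return None  # no 'all' mechanism in the record

def dmarc_policy(txt_records):
    """Value of the p= tag of the DMARC record, or None if absent."""
    for record in txt_records:
        tags = {}
        for part in record.split(";"):
            key, _, value = part.partition("=")
            tags[key.strip().lower()] = value.strip().lower()
        if tags.get("v") == "dmarc1":
            return tags.get("p")
    return None

def assess(spf_txt, dmarc_txt):
    """Classify a domain: 'ok', 'mitigated' or 'weak'."""
    qualifier = spf_all_qualifier(spf_txt)
    if qualifier == "-":
        return "ok"          # hard fail, as the post recommends
    if dmarc_policy(dmarc_txt) in ENFORCING:
        return "mitigated"   # SPF is soft or missing, DMARC still filters
    return "weak"            # neither control tells receivers to reject

# Constructed sample records (not real domains' DNS data).
SAMPLES = {
    "strict.example":  (["v=spf1 include:_spf.example.net -all"], []),
    "covered.example": (["v=spf1 mx ~all"], ["v=DMARC1; p=quarantine; rua=mailto:d@covered.example"]),
    "soft.example":    (["v=spf1 mx ~all"], ["v=DMARC1; p=none"]),
    "none.example":    (["google-site-verification=abc"], []),
}

if __name__ == "__main__":
    for domain, (spf_txt, dmarc_txt) in SAMPLES.items():
        print(f"{domain:16} {assess(spf_txt, dmarc_txt)}")
```

Only the "weak" result matches the finding described in this post; "mitigated" is the case where DMARC is already active.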
You can also refer to this website to learn more about DMARC - https://dmarc.org/
Use this website to check the SPF record of any website - https://www.kitterman.com/spf/validate.html?
Use this to send a fake mail -
I hope that I have explained this to you guys in an easy way.
Please share your comments, and if you enjoyed this blog post, share it with a friend! See you guys in the next post soon.