📄

Report #29415

Report Date
March 17, 2024
Status
Closed
Payout

DNS Misconfiguration | No Valid Spf Record

Report Info

Report ID

#29415

Report type

Websites and Applications

Has PoC?

Yes

Target

Impacts

Redirecting users to malicious websites

Description

There is an email spoofing vulnerability. Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation

Vulnerability Details

No Valid SPF Record for the domain https://app.bean.money, Thus by abusing it i can send any email to your customer and the email will come from admin@bean.money

Impact Details

Leads to Redirect Users to any website, can steal information, manipulate users details etc.

Proof of concept

1. Navigate to the given URL : https://www.kitterman.com/spf/validate.html? 2. Enter the domain name as https://app.bean.money 3. You can see that it says no valid spf record found 4. Now go to https://emkei.cz/ 5. Write a Message and send it to victim

BIC Response

This is not a valid bug report because bean.money already has SPF configured:

TXT @ v=spf1 a mx include:spf.forwardemail.net -all

Due to these reasons, we are closing the submission and no reward will be issued.