Hi team I hope you're having a good day, It's been a while I haven't heard from you. I want to inquire about the bug bounty for reporting the vulnerability. -Zeus On Mon, Feb 28, 2022 at 10:34 PM Cyber Zeus wrote: > Hi team, > It's been a while, Kindly update me with the report that I've reported. > -Zeus > > > On Tue, Dec 14, 2021 at 12:20 AM Cyber Zeus > wrote: > >> Hi team, >> Kindly update me with the report that i've reported. >> -zeus >> >> On Tue, Jul 13, 2021 at 11:02 AM Cyber Zeus >> wrote: >> >>> Hi team >>> Kindly update me with the bug that I have reported. >>> -Zeus >>> >>> On Mon, Jun 28, 2021 at 10:28 PM Cyber Zeus >>> wrote: >>> >>>> Hi Team, >>>> I am an independent security researcher and I have found a bug in your >>>> website >>>> The details of it are as follows:- >>>> >>>> Description: This report is about a misconfigured Dmarc/SPF record >>>> flag, which can be used for malicious purposes as it allows for fake >>>> mailing on behalf of respected organizations. >>>> >>>> About the Issue: >>>> As i have seen the DMARC record for >>>> gnu.org >>>> >>>> which is: >>>> DMARC Policy Not Enabled >>>> DMARC Not Found >>>> >>>> As u can see that you Weak SPF record, a valid record should be like:- >>>> >>>> DMARC Policy Enabled >>>> What's the issue: >>>> An SPF/DMARC record is a type of Domain Name Service (DNS) record that >>>> identifies which mail servers are permitted to send an email on behalf of >>>> your domain. The purpose of an SPF/DMARC record is to prevent spammers from >>>> sending messages on the behalf of your organization. >>>> >>>> Attack Scenario: An attacker will send phishing mail or anything >>>> malicious mail to the victim via mail: >>>> >>>> bug-gnuzilla@gnu.org >>>> >>>> >>>> even if the victim is aware of a phishing attack, he will check the >>>> origin email which came from your genuine mail id >>>> bug-gnuzilla@gnu.org >>>> >>>> >>>> so he will think that it is genuine mail and get trapped by the >>>> attacker. >>>> The attack can be done using any PHP mailer tool like this:- >>>> >>>> >>> $to = "VICTIM@example.com"; >>>> $subject = "Password Change"; >>>> $txt = "Change your password by visiting here - [VIRUS LINK HERE]l"; >>>> $headers = "From: >>>> >>>> bug-gnuzilla@gnu.org >>>> >>>> ";mail($to,$subject,$txt,$headers); >>>> ?> >>>> >>>> U can also check your Dmarc/ SPF record form: MXTOOLBOX >>>> >>>> Reference: >>>> https://support.google.com/a/answer/2466580?hl=en >>>> have a look at the GOOGLE article for a better understanding! >>>> >>>> [image: image.png] >>>> [image: image.png] >>>> >>>