The wonderful and evil world of e-mail The art of e-mail forging and tracing explained in one simple text This is my second article on hacking my first being the ethics of a true hacker which is available on my website at http://www.angelfire.com/co/hackethics/index.html. This article will touch on the subject of mail forgery and tracing. Please beaware any info learned this article is to be used only for the purposes of information and not wrong doing. The Mob Boss will in no way be responsible for your stupidity. Now on with the article. Now there has been several guides written about this on the internet yet a lot of people still don't understand or haven't have read about it yet. Most of the guides fail to show you how to find a willing server as well since that is the major problem these days. I. Forgery -E-mail forging, how is this done? This is quite easy to do as long as you can type and boot up telnet. Telnet is a program for connecting to remote hosts and it ships with 95/98. To run this program simply goto run then telnet or the ms-dos prompt then simply type telnet while in the c:\windows. Thats simple enough and I hope that every newbie hacker who is running windows becomes good freinds with telnet because if you want to ever want to hack your going to do it through it telnet that is for sure when you are running windows for your main operating system. Now the second step is connecting to a remote host, the computer you want to do this from. Now I will almost garuntee on your first shot you will not get to forge mail your first time because over the years sercurity has become better and sysadmins are stoping the routing of mail. Anyways, click file and then remote host. This brings up a box in which you choose a port and a host. Now for port notice that a default value of telnet is in there. Thats the ! ! ! equivelent of port 23. That is used to physically log into a system such as into your ISP shell account which allows you to give unix commands to one of your ISP's computers. We won't be working with that default port, the telnet one, we will be working with port 25 the SMTP port which is the port that sends out mail. This is the port which mail forging, mailbombers, and those sendmail exploits you see so much of occur on. So lets begin by choosing a host and then a port 25. Now if this doesn't work on the first computer don't get discouraged thats the best trait a hacker can display, persistance. Now when we telnet in we will be dislayed with a welcome message which will have the computer's name and hostname. It will be followed by the daemon software they are using usually sendmail, which runs on a UNIX platform and is to say the least an intruders best freind in gaining root. Now the second step is to greet the computer (they have feelings too you know): helo Dreamer.Foobar.com Then the computer will say hello and will display where they logged you from. The next thing to do is to specify a return address. For this put in any god damn thing you want, remember you are in controll muhahahahahah: mail from: President@whitehouse.gov Now if everything goes according to plan and the machine allows routing well then bingo you won the booby prize. But were getting ahead of ourselves there is still another crucial step. We have to specify a recipent which will tell us wether or not this computer wants to be our freind or not: rcpt to: Lewinsky@interns.com Now if you get a message such as, Sorry routing not allowed, well then your out of luck and move onto the next machine. But if it excepts it then you have found that trusting machine. Notice on the different machines how the message, "Routing denied", can vary in its tone and pleasentness. Anyways on to the next step the body of the message: data This tells the computer you are ready to write the message. It will then say enter your message and end by hitting enter, then a period by its self and enter. Hey Monica my place or yours?