FOUND A VULNERABILITY IN YOUR WEBSITE

[Shubham Kumar Gupta]

BYPASSED SPF RECORD

An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain.
Checking Missing SPF:-
There Are Various Ways of Checking Missing SPF Records on a website But the Most Common and Popular way is kitterman.com

Steps to Check SPF Records on a website:-
Go to http://www.kitterman.com/spf/validate.html

Enter Target Website Ex: target.com (Do Not Add https/http or www)
Hit Check SPF (IF ANY)

If You seem any SPF Record than Domain is Not Vulnerable But if you see Nothing Here then "HURRAY! You Found a Bug"

Attack Scenario & PoC:-
Once There is No SPF Records.An Attacker Can Spoof Email Via any Fake Mailer Like Emkei.cz.An Attacker Can Send Email From name "Support" and Email: "support at target.com" With Social Engineering Attack He Can TakeOver User Account Lets say Victim Knows the Phishing Attacks but When He Sees The Email from the Authorized Domain.He Gets tricked Easily.

Vulnerable Domain - mycrypto.com

for testing i am forgering support at pidgin.im/

How to reproduce this

go to https://anonymousemail.me/

fill all the details
like
Name - pidgin
email - support at pidgin.im/
to - your email address

etc

send email

it will directly send a mail from support at pidgin.im/ to you

Impact
Once There are no SPF Records.An Attacker Can Spoof Email Via any Fake Mailer Like Emkei.cz.An Attacker Can Send Email From name "Support" and Email: "support at target.com" With Social Engineering Attack He Can TakeOver User Account Lets say Victim Knows the Phishing Attacks but When He Sees The Email from the Authorized Domain.He Gets tricked Easily.

Sent from Mail for Windows 10