Vulnerability Found in Pidgin Main Domain.

viren yadav virenyadav100 at gmail.com
Mon Sep 9 02:57:01 EDT 2019


Hello sir,

I am an ethical hacker. I found a vulnerability in the Pidgin main domain.

Title: SPF Flag missing at Main Domain.

Description: What Is SPF/TXT Records?

An SPF record is a type of Domain Name Service (DNS) record that identifies
which mail servers are permitted to send email on behalf of your domain.
The purpose of an SPF record is to prevent spammers from sending messages
with forged From addresses at your domain.


Checking for missing SPF:
There are various ways of checking for missing SPF records on a website, but the
most common and popular way is kitterman.com

Steps to check SPF records on a website:
Go to http://www.kitterman.com/spf/validate.html

Enter the target website, e.g. target.com (do not add https/http or www)
Hit Check SPF (IF ANY)

If you see any SPF record then the domain is not vulnerable, but if you see
nothing here then "HURRAY! You Found a Bug"

Attack Scenario & PoC:
Once there are no SPF records, an attacker can spoof email via any fake
mailer like Emkei.cz. An attacker can send email from the name "Support" and
email "support at target.com". With a social engineering attack he can take over
a user account. Even if the victim knows about phishing attacks, when he sees the
email from the authorized domain, he gets tricked easily.


Vulnerable Domain- pidgin.im

For testing I am forging support at pidgin.im

How to reproduce this

1. Go to https://emkei.cz/

2. Fill in all the details,
like:

Name - Pidgin
Email From - support at pidgin.im
Email To - Your Email Address

etc

Send Email

3. It will directly send a mail from support at pidgin.im to you.

By following these steps any attacker can trick a victim with this domain's
email.

PoC Screenshot is attached.

This should be fixed ASAP.

Thank You !

With Regards:
-Virendra Yadav
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Pidgin100.png
Type: image/png
Size: 38296 bytes
Desc: not available
URL: <https://lists.pidgin.im/private/security/attachments/20190909/1f0ef5ed/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Pidgin101.png
Type: image/png
Size: 68120 bytes
Desc: not available
URL: <https://lists.pidgin.im/private/security/attachments/20190909/1f0ef5ed/attachment-0003.png>
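
The SPF check described in the report, as an added example that is not part of the original message or of the Pidgin project: a Python function that classifies a domain's SPF posture from its TXT records per RFC 7208, going beyond "record present or absent" to the strength of the `all` policy. The function names and the sample TXT strings are constructed for illustration; fetching the real records (for example with `dig +short TXT <domain>`) is left to the caller.

```python
# Added example: classify SPF posture from TXT records (RFC 7208).
# All names and sample records here are constructed for illustration.

ALL_VERDICTS = {
    "-": ("hardfail", "unlisted senders are rejected (-all)"),
    "~": ("softfail", "unlisted senders are only marked suspicious (~all)"),
    "?": ("neutral", "policy makes no assertion about unlisted senders (?all)"),
    "+": ("pass-all", "every sender passes (+all); record gives no protection"),
}

def find_spf(txt_records):
    """Return the TXT strings whose version tag is exactly v=spf1."""
    found = []
    for rec in txt_records:
        text = rec.strip().strip('"')
        low = text.lower()
        if low == "v=spf1" or low.startswith("v=spf1 "):
            found.append(text)
    return found

def assess_spf(txt_records):
    """Return (status, detail) for the policy the TXT records publish."""
    spf = find_spf(txt_records)
    if not spf:
        return ("missing", "no v=spf1 record; receivers get result 'none'")
    if len(spf) > 1:
        # RFC 7208 section 4.5: several SPF records yield permerror.
        return ("invalid", "multiple v=spf1 records (permerror)")
    terms = [t.lower() for t in spf[0].split()[1:]]
    for term in terms:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        if term.lstrip("+-~?") == "all":
            return ALL_VERDICTS[qualifier]
    # redirect= is only consulted when no "all" mechanism is present.
    for term in terms:
        if term.startswith("redirect="):
            return ("redirect", "policy lives at " + term[len("redirect="):])
    return ("neutral", "no 'all' or redirect; unlisted senders get neutral")

if __name__ == "__main__":
    samples = {  # constructed TXT record sets, not live DNS answers
        "no-spf.example": ["google-site-verification=abc123"],
        "strict.example": ['"v=spf1 mx include:_spf.example.net -all"'],
        "soft.example": ["v=spf1 ip4:192.0.2.0/24 ~all"],
        "dup.example": ["v=spf1 a -all", "v=spf1 mx -all"],
    }
    for domain, txt in samples.items():
        print(domain, assess_spf(txt))
```

SPF authenticates the envelope sender (MAIL FROM/HELO), not the From header a user sees, so a published DMARC policy is what ties an SPF result to the visible sender address.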

