The colloquy of Sarah Yang

Someone forwarded a spammer's email to Spamnesty, which replied to the email, pretending to be a person called Sarah Yang and starting a conversation.

This is that conversation.


Spammer

  • Subject: Attention: Dear Sir/Madam
  • On: June 14, 2017, 5:45 p.m.

United Bank For Africa Plc
Head Office: 01 BP 2160 Porto-Novo,
Benin Republic
Tel: +229-6242-8811

I have been mandated to inform you that your inheritance/contract fund with our bank is due for release into your nominated bank account.

The audit report given to us, shows that you have been going through hard times to see to the release of your funds USD2.5 MILLION, which has been delayed by some dubious officials. We therefore advise that you stop further communication with any correspondence outside this office. In order to proceed with this transaction, you will be required to contact the agent in-charge ( MR. CHARLES WHITE ) by clicking on Reply button, kindly look below to find appropriate contact immediately after clicking on Reply button information:

CONTACT AGENT NAME: MR. CHARLES WHITE
Phone Number: +229-6242-8811

Kindly give us your contact details such as Stated Below in order to process and send your funds without further delay.

Full Name:
Address:
Bank Account:
Bank Name:
Zip Code:
Direct Contact Number:
Occupation:

IMF organization have ordered the funds recovered to be shared among the 10 Lucky people listed around the World as a compensation/inheritance.Therefore, We would like you to choose below your choice of fund release:

(A) Bank Transfer/Online Banking
(B) Certified Bank Draft/Cheque
(C) ATM Card
(D) Consignment

For and On behalf of:
Christine Lagarde
IMF Managing Directors

Spamnesty

  • Subject: Re: Attention: Dear Sir/Madam
  • On: June 14, 2017, 5:45 p.m.

Hey there,
Could you tell me where you are located? Also, could you tell me more about your offer?

Sarah Yang
CEO, MNesty, LLC

Spammer

  • Subject: Re: Attention: Dear Sir/Madam
  • On: Feb. 4, 2021, 7:54 a.m.


National Credit Union Administration
Address: 1775 Duke Street, Alexandria,
VA 22314–3428. United State.
Website: www.ncua.gov
Email Only✉: [email protected]
Text me, +1 (5853)919-391

Dear 
Sarah Yang

National Credit Union CREDIT Transaction Notification

This Message is from the National Credit Union Alexandria, Virginia, United States, And am contacting you about your funds of $10.7 Million Us Dollars deposited to the United Bank For Africa Plc to transferred the funds to you as Your compensation for Scam Victim because your name and your phone number was listed among the Victims that was scammed years ago by West Africa Countries and now you are to be compensated with the sum of $10.7 Million Us Dollars, Therefore you have to reconfirm your information to them via email such as follows;

Your Full Name:
Your Home Address:
Your Tell Number:
Your Whatsap Nnumber:
Occupation:

Don't Forget To Reply This Email Only✉: [email protected]

And after reconfirming your personal information to Them, Kindly let them know the best way that you wish to have your funds of $10.7 Million Us Dollars to you either the funds will be transferred in your bank account or the funds will be converted to an ATM MASTER CARD and it will be delivered to your home address or the funds will be delivered to you in Cash.

If You receive this message in spam, kindly know that it is a network problem.

Best regards:
Mr. Todd M. Harper
National Credit Union Administration
1775 Duke Street Alexandria, VA 22314

Spamnesty

  • Subject: Re: Attention: Dear Sir/Madam
  • On: Feb. 4, 2021, 5:52 p.m.

Hello,
That is very interesting! Could you elaborate? Do you have any details online I could look at?

Sarah Yang
CEO, MNesty, LLC

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: Feb. 24, 2021, 7:44 a.m.

Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: March 8, 2021, 7:08 a.m.

Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: March 15, 2021, 5:46 a.m.

Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: March 17, 2021, 4:20 p.m.

Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]com> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: March 22, 2021, 6:04 a.m.

Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: March 29, 2021, 5:24 a.m.

Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: March 29, 2021, 5:57 p.m.

Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: April 19, 2021, 9:23 a.m.

Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: April 26, 2021, 10:06 a.m.

Hi Team,
Any updates regarding my above email?
Looking forward to your response.

Sincerely,
Rahat
On Mon, 19 Apr 2021, 2:23 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <ethica[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: April 30, 2021, 10:25 p.m.

Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Mon, 26 Apr 2021 at 15:06, Rahat Ali <[email protected]> wrote:
Hi Team,
Any updates regarding my above email?
Looking forward to your response.

Sincerely,
Rahat
On Mon, 19 Apr 2021, 2:23 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <ethical[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: May 17, 2021, 5:01 a.m.

Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Sat, 1 May 2021 at 03:25, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Mon, 26 Apr 2021 at 15:06, Rahat Ali <[email protected]> wrote:
Hi Team,
Any updates regarding my above email?
Looking forward to your response.

Sincerely,
Rahat
On Mon, 19 Apr 2021, 2:23 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: May 24, 2021, 9:38 a.m.

HI,

I hope you are doing well, I am very upset with your unprofessional behavior. This is not a way of treating a person who helped you in making your platform more secure for users.  
Please update me regarding my reward

Looking forward to your response

SIncerely
Rahat

On Mon, 17 May 2021 at 10:00, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Sat, 1 May 2021 at 03:25, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Mon, 26 Apr 2021 at 15:06, Rahat Ali <[email protected]> wrote:
Hi Team,
Any updates regarding my above email?
Looking forward to your response.

Sincerely,
Rahat
On Mon, 19 Apr 2021, 2:23 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: May 31, 2021, 9:58 a.m.

Hi Team,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat

On Mon, 24 May 2021 at 14:37, Rahat Ali <[email protected]> wrote:
HI,

I hope you are doing well, I am very upset with your unprofessional behavior. This is not a way of treating a person who helped you in making your platform more secure for users.  
Please update me regarding my reward

Looking forward to your response

SIncerely
Rahat

On Mon, 17 May 2021 at 10:00, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Sat, 1 May 2021 at 03:25, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Mon, 26 Apr 2021 at 15:06, Rahat Ali <[email protected]> wrote:
Hi Team,
Any updates regarding my above email?
Looking forward to your response.

Sincerely,
Rahat
On Mon, 19 Apr 2021, 2:23 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: June 7, 2021, 10:46 a.m.

Hi Team,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat

On Mon, 31 May 2021 at 14:57, Rahat Ali <[email protected]> wrote:
Hi Team,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat

On Mon, 24 May 2021 at 14:37, Rahat Ali <[email protected]> wrote:
HI,

I hope you are doing well, I am very upset with your unprofessional behavior. This is not a way of treating a person who helped you in making your platform more secure for users.  
Please update me regarding my reward

Looking forward to your response

SIncerely
Rahat

On Mon, 17 May 2021 at 10:00, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Sat, 1 May 2021 at 03:25, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Mon, 26 Apr 2021 at 15:06, Rahat Ali <[email protected]> wrote:
Hi Team,
Any updates regarding my above email?
Looking forward to your response.

Sincerely,
Rahat
On Mon, 19 Apr 2021, 2:23 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: June 14, 2021, 2:56 a.m.

Hi Team,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat

On Mon, 7 Jun 2021 at 15:46, Rahat Ali <[email protected]> wrote:
Hi Team,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat

On Mon, 31 May 2021 at 14:57, Rahat Ali <[email protected]> wrote:
Hi Team,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat

On Mon, 24 May 2021 at 14:37, Rahat Ali <[email protected]> wrote:
HI,

I hope you are doing well, I am very upset with your unprofessional behavior. This is not a way of treating a person who helped you in making your platform more secure for users.  
Please update me regarding my reward

Looking forward to your response

SIncerely
Rahat

On Mon, 17 May 2021 at 10:00, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Sat, 1 May 2021 at 03:25, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email? I did not hear any word again from you

Looking forward to your response.

Sincerely,
Rahat

On Mon, 26 Apr 2021 at 15:06, Rahat Ali <[email protected]> wrote:
Hi Team,
Any updates regarding my above email?
Looking forward to your response.

Sincerely,
Rahat
On Mon, 19 Apr 2021, 2:23 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?
On Mon, 29 Mar 2021, 10:57 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Any updates?

On Mon, 29 Mar 2021 at 10:24, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 22 Mar 2021, 11:03 am Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 17 Mar 2021, 9:20 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
I hope you are doing well. I did not hear any word again from you. Please just let me know are you interested in my services or not?
Looking forward to your response.
Sincerely,Rahat

On Mon, 15 Mar 2021 at 10:46, Rahat Ali <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Mon, 8 Mar 2021, 12:08 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat
On Wed, 24 Feb 2021, 12:44 pm Rahat Ali, <[email protected]> wrote:
Hi Stephanie,
Can I send you my whatsapp number? Or skype? And we would discuss everything opn call.
Sincerely,Rahat

On Tue, 23 Feb 2021 at 23:51, Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: June 16, 2021, 2:58 p.m.

Hi Stephanie,

I hope this email finds you well, Any updates regarding my submitted vulnerability reports? I don't know why are you not replying. I just send you some vulnerabilities that was my mistake, Now I take your silence as a silence consent and going to disclose all my findings publicly for educational purpose.

Thanks.

Sincerely,
Rahat
On Tue, 23 Feb 2021, 11:51 pm Stephanie Yang, <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spamnesty

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: June 17, 2021, 2:58 a.m.

Hello,
Can you give me some more info about what you're offering? Specifically, how does it apply to our business? How can we use this?

Sarah Yang
CEO, MNesty, LLC

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: June 17, 2021, 10:47 a.m.

What is the best option for you to call skype, whatsapp or something else. We will discuss further about price model on call.
On Tue, Feb 23, 2021 at 11:51 PM Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: June 17, 2021, 10:49 a.m.

You can apply this using DMARC and reject policy to fix this. Furthermore more this vulnerability can loss business and reputation loss because an attacker can send an email using your domain. This is the dangerous attack.
On Thu, Jun 17, 2021 at 3:47 PM Rahat Ali <[email protected]> wrote:
What is the best option for you to call skype, whatsapp or something else. We will discuss further about price model on call.
On Tue, Feb 23, 2021 at 11:51 PM Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server
  • On: June 21, 2021, 4:09 a.m.

Hi Stephanie,

Any updates regarding my above email?

Looking forward to your response.

Sincerely,
Rahat

On Thu, 17 Jun 2021 at 15:49, Rahat Ali <[email protected]> wrote:
You can apply this using DMARC and reject policy to fix this. Furthermore more this vulnerability can loss business and reputation loss because an attacker can send an email using your domain. This is the dangerous attack.
On Thu, Jun 17, 2021 at 3:47 PM Rahat Ali <[email protected]> wrote:
What is the best option for you to call skype, whatsapp or something else. We will discuss further about price model on call.
On Tue, Feb 23, 2021 at 11:51 PM Stephanie Yang <[email protected]> wrote:
Hi,

Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Stephanie Yang

CEO, MNesty, LLC

On 23/02/2021 18:50 PM, Rahat Ali wrote:

> Sent: Tuesday, February 23, 2021 3:06 AM

>

> To: gcagent <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected]; Brown, David <[email protected]

>

> Subject: Re: Bug report (5) SMPT Protection not used, I can hijack your email server

>  

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

>

>

> Rahat

>

>

>  

>

>

> On Tue, 26 Jan 2021, 12:23 am Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Mon, 18 Jan 2021 at 21:04, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi team

>

>

>

> Any updates regarding my submitted vulnerabilities reports ?

>

>

>

> Looking forward to your response

>

>

>

> Sincerely

>

> Rahat

>

>  

>

>

> On Sun, 10 Jan 2021 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 5 Jan 2021 at 01:47, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Mon, 23 Nov 2020 at 12:43, Rahat Ali <[email protected]> wrote:

>

>

>

> Hi Team,

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Tue, 10 Nov 2020, 10:07 pm Rahat Ali, <[email protected]> wrote:

>

>

>

> Hi

>

>

>

> Any updates regarding my submitted vulnerability reports?

>

> Looking forward to hearing from you.

>

>

>

> Sincerely,

>

> Rahat

>

>  

>

>

> On Sun, 8 Nov 2020 at 22:51, Rahat Ali <[email protected]> wrote:

>

>

>

>

> Hi Team,

>

>

>  

>

>

>  I found a Vulnerability in        https://www.daybreakgames.com/

>

>

>  

>

>

>

> Vulnerability Type:  SMPT Protection not used, I can hijack your email server.

>

>

>

>

>

>  

>

>

> Severity: Critical

>

>

>  

>

>

>

> Description

>

> Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy (combining SPF,

> DKIM, and DMARC but I don't see that from    daybreakgames.com/              ,

> You should apply strict SMPT policy to stop spoofed email sending from your domain. 

>

> Exploit scenario:

>

> An attacker would send a Fake email from saying that Please change your password, The victim is aware of phishing attacks, But when he sees that the mail originated from 

>

> [email protected]

>

> , He has

> no other way than to believe it. Clicking on the link takes him to a website where certain JavaScript is executed which steals his bl.ink id and password (SESSION

> COOKIE). The results can be more dangerous.

>

> POC is also attached you can also see that i can use your domain name email and can send the mail to any of the user of bl.ink

>

> Proof of concept: 

>

>

>  

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>  

>

>

>

>

> How to Fix:

>

>

>

>

>

>  

>

>

> To fully implement your SPF policy, there is only one step left, adding it to the DNS record for the domain. Log in to control the name server. If you don’t know where that is,

> the default name server from the domain registrar (such as GoDaddy and NameCheap) is probably used and that is where you should log in to manage the DNS records.

>

>

>  

>

>

> A TXT record should now be added with the value of the selected SPF policy. In many cases, the SPF policy needs to be placed within quotes.

>

>

>  

>

>

> I Hope you will fix the issue as soon as possible. Looking forward to hear from you. Thank you

>

>

>  

>

>

>

>

> Sincerely,

>

>

>

> Rahat

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> The information in this email message may be confidential and/or privileged and is intended only for use by the individual or entity to whom it is addressed. Any unauthorized disclosure, copying, distribution or use of any of the information contained in or

> attached to this message is strictly prohibited. If you have received this email message in error, please notify us immediately and securely delete this email and any attachments.

>

>

>

Spammer

  • Subject: software Development !
  • On: June 30, 2021, 6:19 p.m.

Hello Steven Yang, We are a leading software Development and IT Services Company headquartered in Texas Houston; offering services for the Health industries. For almost two decades of experience with numerous clients for their software development, IT support and staffing projects. 
We are offering lower rates for our staffing services as a few projects have been shelved amid the ongoing global situation. Please see the list of immediately available resources below. Resources with other skill sets can be provided with a lead time of 1-2 weeks. 
1. Java (18 resources) 2. Angular JS (14) 3. React (13) 4. PHP (7) 5. .Net (5) 6. QA (6) 7. Technical Writers (5) 8. Android Developer (8) 9. iOS Developer (7)  Rates vary from USD 2,000 to USD 3,000 per month depending on the skillset and experience.  If you’d like a fixed quote for our development services, please share the project details. We’ll be happy to get on a call if you have any questions or would like to discuss in more detail, please visit https://www.simublade.com/
Best Regards,Shivam Pandey.Business Head

Spamnesty

  • Subject: Re: software Development !
  • On: June 30, 2021, 11:19 p.m.

Hi,
Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Sarah Yang
CEO, MNesty, LLC