Theoretically how spamming works

Asphyxia

Owner
Administrator
Apr 25, 2015
1,845
2
2,199
327
Let's say a potentially nefarious individual stumbles upon a post like https://r4p3.net/threads/antipublic-and-collection-1-2-3-4-5-torrent.7950/#post-71383 - except keep in mind this is posted around the "dark web" in 1,000s of places and exchanged for money while I am sharing this as a public service announcement of sorts for email/password security.

The nefarious individual would:
  1. Obtain the torrent files and use torrenting software like BitTorrent (or others) to download the contents.
  2. Parse out any and all emails, in this particular case stripping everything after ":" in the lists much like detailed in the thread linked above.
  3. Once we have a large listing of all the emails separated by new lines/returns we can use tr '\n' ',' < input.txt > output.txt or replace the \n for \r, also possible to use dos2unix to strip carriage returns or possibly just replace \n with '\r\n', explained over here.
  4. Using software like Mautic, you can generate a leads list for email marketing but keep in mind you may want to enable the email queue support considering sending 1,000,000+ emails immediately is rather ridiculous.
  5. Chances are high you may want a separate SMTP server to easily destroy/rebuild your Postfix email relay as the demand would arise - you may also consider cycling through different domain names.
Alternative methods to this could involve scraping emails from public Internet directories to acquire a Bing/Google indexed leads list. The key to successful email marketing of any kind is sending quality content that encourages users to click through. The number one goal to any email marketing campaign is a high click rate (click-through rate). This means finding or guessing the interests of recipients and making sure to pique the recipient's interest. Maybe to a list of all ".ca" emails, "Fun activities in Canada", or something of that sort.


Examples of gathering more emails via Google searching:
Code:
intext:@gmail.com filetype:xls
intext:@yahoo.com filetype:xls

For example, the @yahoo one returns an Electric File Certifications list containing - one can get creative when searching for email recipients:

Ironically, I stumbled upon a dork for TeamSpeak 2 inurl:Teamspeak2_RC2/server.log and the outputs are fairly funny.

Code:
16-04-06 12:51:06,WARNING,Info,SERVER,    admin account info: username: admin password: zadoyw
16-04-06 12:51:06,WARNING,Info,SERVER,    superadmin account info: username: superadmin password: h46isj
From http://xcelco.on.ca/~bee-mee/Teamspeak2_RC2/server.log

and

Code:
30-07-05 19:07:36,WARNING,Info,SERVER,    admin account info: username: admin password: jm9ph5
30-07-05 19:07:36,WARNING,Info,SERVER,    superadmin account info: username: superadmin password: zirf11
From http://vcrpat.free.fr/Teamspeak2_RC2/server.log

Some dorks were found at https://d4msec.wordpress.com/2015/09/03/google-dorks-for-finding-emails-admin-users-etc/ and other similar security blogs.
 
Last edited:
Top