In this lab, we're going to learn to send spam emails. It turns out that with the Simple Mail Transfer Protocol (SMTP), you don't need to know someone's password to send an email from their account! Anyone can send emails from anyone else's account!
Sending an email from any address
Telnet into the local SMTP webserver
telnet webserver 25
Now, type the following commands:
helo whitehouse.gov mail from: presidentobama@whitehouse.gov rcpt to: youremail@server.com data Subject: I'm the president! I order you to behave! .
The dot at the end is very important. It must be on a line all by itself. That's what tells the server that the email message is over.
Let's automate the process using bash
In this part of the lab, you're going to write a bash script that will send spam to all your friends. In particular, you should write a bash script that takes two parameters. The first is the email address of the recipient, and the second is the email of the sender. Then, your bash shell will read stdin to get the body of the email. The subject line should always be "This email is spam!"
WARNING: don't actually use this code for evil! It will get your account suspended, and could even get you arrested!
For example, a run of your program might look like:
bash> ./spam.sh sucker@gmail.com obama@whitehouse.gov Don't read this message. It is spam! ^D
To accomplish all of this, I recommend following these steps:
Script files normally end with the ".sh" extension, although they don't have to. They all must be made executable. You can do this with the following command:
chmod a+x file.sh
Finally, you need to add the following lines at the top of the file:
#!/bin/bash
This tells the computer that all of the code in the file should be executed using the bash shell. To run your script, just type
./file.sh
Accept command line arguments
First, just print out the command line arguments that your script is getting. Try adding this command to you script file:
echo $1then run
./file blahblahblah ./file hello world ./file "hello world"and see what happens. You can use this link for more info: http://how-to.wikia.com/wiki/How_to_read_command_line_arguments_in_a_bash_script
Extract the domain from an email address
You will need to extract the domain name from the sender's email address in order to create the "helo" command.
You can use the code at https://redbeardtechnologies.wordpress.com/2009/02/02/using-bash-to-extract-domain-name-from-an-email-address/ to extract the domain from an email address. NOTE: you may have to replace the single and double quotes if they don't get coppied correctly.
Store the text you want to send in a variable
Check out this link on how to use variables in bash http://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO-5.html
Store all the text in a variable, and use the "echo" command to print it to the screen.
Use pipes and telnet to send your commands to the server
Once everything is formatted correctly, you should send the email using a command similar to:
echo "$MYVAR" | telnet server 25