BSidesVienna 0x7e8

Timo Longin

Timo Longin (also known as Login) is a senior security consultant at SEC Consult at day and a security researcher at night. Aside from everyday security assessments, he publishes blog posts and security tools, holds talks at conferences and universities, and has a passion for CTFs. His main focus is on web applications; yet, infrastructure and hardware are not safe from him either. For example, in his prior research, Timo discovered DNS vulnerabilities in web applications, hosting providers and even entire countries. However, most people know him for discovering SMTP smuggling. As a well-rounded offensive security researcher, he tries to find forgotten and new exploitation techniques that make the unthinkable possible!

The speaker's profile picture

Sessions

11-23
14:10
30min
SMTP Smuggling Revisited – Still Spoofing E-mails Worldwide?!
Timo Longin

Since 1982 we’re sending e-mails across the globe with the Simple Mail Transfer Protocol (SMTP). Nevertheless, just last year, a simple yet crucial mistake in popular SMTP implementations was discovered, allowing for so called SMTP smuggling. Have you ever wanted to send e-mails as [email protected] while still passing SPF checks? SMTP smuggling had you covered! However, with global fixes applied, this is now another story.

Therefore, building upon the knowledge established in the initial discovery, this talk delves deeper into the intricacies of SMTP smuggling, unveiling novel exploits and targeting unexpected attack surfaces. Starting from SMTP smuggling fundamentals, we’re analyzing theoretical and practical ways to once again send an e-mail as [email protected].

Hence, we again shine the light on SMTP and see what this protocol has left to offer!

Main Track
Track 1 (Dachssal)