Sendmail Gmail 2FA Python Script & More

Happy Hack Sunday! This is the day that I truly devote to our craft and do things on my To Do list. Which is a list of things I’d like to get done because I need them to get done or things which I’d just like to do for the fun of it and to broaden my horizons. This is also the day I patch my systems. Today I have a few things I’d like to discuss with you all. So let’s get started here.

—————-Linux Hacking—————-

I’d like to direct your attention to the e-book Linux 101 Hacks “Practical Examples to Build a Strong Foundation in Linux” by Ramesh Natarajan. I’ve found this text useful and have incorporated some of the techniques into my own Scratchpad notes that I plan to publish here on my blog later this year. It is a guide I’ve been steadily adding to over the last four years pertaining to hacking and CTF competitions.

Find it here: http://www.thegeekstuff.com/linux-101-hacks-ebook/

—————-Rastalabs—————-

Do yourselves a very big favor and put this site on your watchlist because you’re going to want to be a part of this when it goes live. I have followed hacker Rastamouse for the last four years and he is EXTREMELY gifted. You should also read his write-ups because his hacking is solid.

https://rastalabs.net/2017/05/21/progress-update-2/

—————-Rook & Bl4de not Razor & Blade———–

Speaking of gifted hackers, my Twitter pals hackers Rook & Blade should be ones you should watch.

Rook does a lot of live streaming events where he demonstrates his talent.

https://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA/videos

Bl4de is trying to get to number one on HackerOne’s top bug-hunter’s list and I’m convinced he will get there one day.

https://twitter.com/_bl4de

—————-HackerFantastic & x0rz—————-

Hackers HackerFantastic and x0rz had an interesting debate this week on Twitter about whether or not it’s “ethical” to “hack back” when targeted. But look through their feeds as well because they are exceptional at what they do as well.

https://twitter.com/hackerfantastic

https://twitter.com/x0rz

—————-Sendmail Gmail 2FA Python Script——–

I was recently inspired to write a quick Python sendmail script (with help from StackOverflow) which allows me to send an email to multiple addresses AND uses 2FA with App Passwords through Gmail.

 

You want to change the following values:

Line 2: Change fromaddr= to the email you are sending it from
Line 3: Change the toaddrs to the email addresses you are sending the mail to. If you have more than two you are going to add another comma at the end of secondemail@gmail.com, followed by a tick mark ‘ the third email address and close with a tick mark

Line 5: Change the Subject to what you want
Line 7: Change “Testing” to the body of the message you want

Line 9: Change your username to your Gmail username
Line 10: This is important, in order to successfully authenticate you have to first create an “App Password” for Google’s Two-Factor Authentication 2FA process.

Google “Google App Password” and click the second link.
Create a “Mail” Password.
Name it Python or whatever you want to call it
Click Generate
Copy the password that it generates for you into Line 10. It can be with or without the spaces in it.
Name the script what you want just DO NOT call it “email.py”!

This will fail as it will think its an existing email python script named “email.py” in your Linux system and if you have Kali Linux it definitely will.

Make it executable chmod +x nameofyourscript.py

Run it ./nameofyourscript.py or python nameofyourscript.py

 

—————-Amazon Infosec Book Contest————–

Hacker RoxyD https://twitter.com/theroxyd runs an ongoing Amazon book contest where you can either donate to her cause if you have extra Amazon credits or win the contest as I did along with some others in May.

Got a copy of HashCrack which went on my desk on top of the RTFM and BTFM manuals.

She’s very sweet and I just like her. Support her if you can, please.

—————-Closing—————-

I’m working on another boot2root challenge which I should be doing a writeup for next week or the following so look out for that. I have a bunch of hardware-related hacking I’m doing on my own and I’m also fixing some things for family and friends so my time is split for the next couple of weeks.

But I get to use my soldering iron so I’m happy about that!

As always, hack often and all the things! Thank you for reading!