This module exploits a vulnerability on smtpsvc.dll ( "Simple Mail Transfer Protocol" service ) via a malformed MX response packet sent by the spoofed DNS Server. This module exploits a vulnerability on smtpsvc.dll ("Simple Mail Transfer Protocol" service) via a malformed MX response packet sent by the spoofed DNS Server. When the SMTP Client ( this module ) sends an email to "[email protected]" ( "XXXXX" is a random number between 0 and 65536 ), the SMTP Server tries to resolve the IP of "dominioXXXXX.com" domain. In that moment, the SMTP Server sends a DNS request to the configurated DNS Server. This module tries to send a response to the SMTP Server before the configurated DNS Server does.
CVE Link
Exploit Platform
Exploit Type
Product Name