Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

You Have No Idea Who Sent That Email - 18 Attacks on Email Sender Authentication

Black Hat via YouTube

Overview

Explore 18 types of attacks that bypass email sender authentication in this 40-minute Black Hat conference talk. Delve into vulnerabilities affecting popular email providers and clients, including techniques to impersonate senders and forge DKIM-signed emails. Learn about inconsistencies in SPF, DKIM, and DMARC protocols, and understand the complexities of email transmission and authentication flows. Discover how attackers exploit parsing inconsistencies, inject authentication results, and leverage email service accounts for spoofing. Gain insights into potential defense strategies against these sophisticated email security threats.

Syllabus

Intro
How Do You Verify the Email Sender?
Background: Email Transmission
Sender Policy Framework (SPF)
Domain Message Authentication, Reporting and Conformance (MARC)
Overview of Email Authentication Flow
Key Idea of Our Attacks
Inconsistencies b/w SPF and DMARC
Inconsistencies b/w DKIM and DNS
Exp. 3a: DKIM Authentication Results Injection
a: Multiple From Headers
From Sender Ambiguity
Complex From Header Syntax
h: Exploiting Parsing Inconsistencies
Spoofing via an Email Service Account
Thinking on Defense

Taught by

Black Hat

Reviews

Start your review of You Have No Idea Who Sent That Email - 18 Attacks on Email Sender Authentication

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.