0%

HackTheBox-CTF-EasyPhish

Customers of secure-startup.com have been recieving some very convincing phishing emails, can you figure out why?

1
2
3
4
5
dig +short TXT secure-startup.com.
"v=spf1 a mx ?all - HTB{RIP_SPF_Always_2nd"

dig +short TXT _dmarc.secure-startup.com.
"v=DMARC1;p=none;_F1ddl3_2_DMARC}"

注意:DMARC DNS TXT记录的拥有者字段必须始终为“_dmarc”,若指定该记录应用到域或子域,可以采用“_dmarc.example.com”的形式。

在线工具: