HackTheBox-CTF-EasyPhish

Post author: atsud0
Post link: <a href="https://atsud0.me/2021/01/24/HackTheBox-CTF-EasyPhish/" title="HackTheBox-CTF-EasyPhish">http://atsud0.me/2021/01/24/HackTheBox-CTF-EasyPhish/
Copyright Notice: All articles in this blog are licensed under <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/" rel="noopener" target="_blank"> BY-NC-SA unless stating additionally.

Posted on 2021-01-24 In 靶机实验 , CTF , OSINT Views:
Symbols count in article: 404 Reading time ≈ 1 mins.

Customers of secure-startup.com have been recieving some very convincing phishing emails, can you figure out why?

dig +short TXT secure-startup.com.
"v=spf1 a mx ?all - HTB{RIP_SPF_Always_2nd"

dig +short TXT _dmarc.secure-startup.com.
"v=DMARC1;p=none;_F1ddl3_2_DMARC}"

注意：DMARC DNS TXT记录的拥有者字段必须始终为“_dmarc”，若指定该记录应用到域或子域，可以采用“_dmarc.example.com”的形式。

在线工具：

goole-admin-toolbox-dig
mxtoolbox