The Tor Website SMTP Open Relay - eugeni.torproject.org
i’ve found an SMTP open relay vulnerability in 94.130.28.202 the vulnerability allows allatckers to send internal emails remotly without any authintication.
And i’ve provided a screenshot as a POC for this exploitation methodolgy
eugeni.torproject.org
vuln name : SMTP open relaay
root@kali:~# telnet 94.130.28.202 25 Trying 94.130.28.202... Connected to 94.130.28.202. Escape character is '^]'. 220 eugeni.torproject.org ESMTP Postfix (Debian/GNU) EHLO test 250-eugeni.torproject.org 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN
Trac:
Username: t4rkd3vilz