The Tor Website SMTP Open Relay - eugeni.torproject.org

i’ve found an SMTP open relay vulnerability in 94.130.28.202 the vulnerability allows allatckers to send internal emails remotly without any authintication.

And i’ve provided a screenshot as a POC for this exploitation methodolgy

eugeni.torproject.org

vuln name : SMTP open relaay

root@kali:~# telnet 94.130.28.202 25 Trying 94.130.28.202... Connected to 94.130.28.202. Escape character is '^]'. 220 eugeni.torproject.org ESMTP Postfix (Debian/GNU) EHLO test 250-eugeni.torproject.org 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN

Trac:
Username: t4rkd3vilz