SneakyMailer Write-Up by T13nn3s

My write-up of the box SneakyMailer. If you have any improvements or additions I would like to hear! I look forward to learning from you guys!

Really good write up - nice to see python being used to phish (I used swaks).

Interesting use of telnet to connect to IMAP, that shows you’ve got a very good understanding of the technology!

One point - which is trivial really - it looks like a sentence got copied and pasted by accident:

I’m sitting with my listener and waits if some fish is taking a bite. And yes, I got bate! The user Paul Byrd (paulbyrd@sneakymailer.htb) kicks in the phishing email and has clicked the link and left his username and password. Let’s start the phishing attack by sending every employee the crafted email message with my Python script.

The bit “lets start” is after the phishing attack.

Other than that - nice work, thanks for sharing!