Email Filtering Bypass

Bypassing Email Filtering

A lot of times emails will be quarantined based on content. We can trick them by injecting invisible characters and html elements into our messages.

We can use a Zero Width Joiner ref to assist in this. simply pasting the character in the middle of problematic words should do the trick.

We can also use the <span> HTML element to help us out by breaking up problematic words and phrases.

Text:

All,

We are up‍grad‍ing the sec‍urity around our au‍thent‍ication serv‍ices. Please lo‍g‍in ({{.URL}}) to ena‍ble these new feat‍ures.

Tha‍nks
-
Guy Withaface
IT

You can’t tell the difference just by looking at it. However, if we open it up in vim we can see the difference.

All,

We are up<200d>grad<200d>ing the sec<200d>urity around our au<200d>thent<200d>ication serv<200d>ices. Please lo<200d>g<200d>in ({{.URL}}) to ena<200d>ble these new feat<200d>ures.

Tha<200d>nks
-
Guy Withaface
IT

HTML:

<html>
<head>
	<title></title>
</head>
<body>
<p>All,</p>

<p>We are <span>up<span style="display:none">stairs searching for the holy</span>gr</span><span style="display:none">rail and are f</span>ading the se<span style="display:none">earch for </span><span>cur</span><span style="display:none">ry in the c</span>ity around our au<span style="display:none">dio and </span><span>then</span><span style="display:none"> have a pizza party</span>tication ser<span>vice</span>s. Please <a href="{{.URL}}">lo<span>gin</span> to en<span>able thes</span>e new features</a>.</p>

<p>Thanks</p>
</body>
</html>
Last modified August 28, 2024: spellz and grammar (1733997)