Email Header Injection
Email Header Injection
https://resources.infosecinstitute.com/email-injection/
Inject Cc and Bcc after sender argument
The message will be sent to the recipient and recipient1 accounts.
Inject argument
The message will be sent to the original recipient and the attacker account.
Inject Subject argument
The fake subject will be added to the original subject and in some cases will replace it. It depends on the mail service behavior.
Change the body of the message
Inject a two-line feed, then write your message to change the body of the message.
Last updated