MX injection

By
Febna V M
Published on
24 Jun 2018
1 min read
Vulnerability
Injection

MX injection is an injection technique that is similar to other injection techniques like SQL injection, XPath injection, SSI injection and many more. An application that has a mail server that is not accessible directly to the internet is vulnerable to this attack. If the attacker gets access to the port number at which the mail server is running, he can access the mail server directly. This injection attack can be exploited on applications that communicate with a mail server. A vulnerable server will allow injection of IMAP or SMTP commands to the mail servers through webmail application. The MX injection is possible due to improper validation of user-supplied data. For an application to be vulnerable to MX injection, there are many factors like the type, scope of injection and mail server technology and many more.

Example

The following example shows a step by step method to attack an application vulnerable to MX injection.

        http://example.beaglesecurity.com/src/read_body.php?mailbox=&passed_id=46106&startMessage=1                 #send null value
        http://example.beaglesecurity.com/src/read_body.php?mailbox=NOTEXIST&passed_id=46106&startMessage=1         #substitute it with random value
        http://example.beaglesecurity.com/src/read_body.php?mailbox=INBOX PARAMETER2&passed_id=46106&startMessage=1 #Add values to other parameters
        http://example.beaglesecurity.com/src/read_body.php?mailbox=INBOX"&passed_id=46106&startMessage=1           #Add non-standard special characters
        http://example.beaglesecurity.com/src/read_body.php?passed_id=46106&startMessage=1                          #Eliminate the parameter

    

Impact

This vulnerability can have the following impacts:-

  • Exploitation of vulnerabilities in the mail protocol.
  • Application restrictions evasion. Using this attack, the attacker can bypass restrictions applied on the server.
  • Data Breach: The attacker can access sensitive information about the application.
  • Spamming: Through this attack, the attacker can spam all the users of the mail server.

Mitigation / Precaution

Beagle recommends the following fixes:-

  • All input data used by the application must be sanitised. Delete any character that could have malicious intentions.
  • Use the application firewall with better protection systems. The firewall must contain a rule to prevent MX injection code.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Febna V M
Febna V M
Cyber Security Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.