- 3

How to crack the BCC recipients field on Gmail, YahooMail or hotmail?

I am bachelor level student and have been given an assignment in my Network Security course. Is it possible to find out the recipients added in the BCC field? If yes, then how?

12th Dec 2018, 3:41 AM
Haider Javed
Haider Javed - avatar
9 Respostas
+ 4
Very interesting assignment indeed! Network security forum: https://security.stackexchange.com/ How to post a minimal, complete, and verifiable question in SL's term. " Here are some tips to make sure your question qualifies: - Post only programming-related QUESTIONS and ANSWERS; - SEARCH for similar QUESTIONS or ANSWERS before posting; - Include relevant TAGS; - Follow community RULES: https://www.sololearn.com/Content-Creation-Guidelines/ DO NOT - Post spam/advertisement; - Use inappropriate language. * Post general discussions and open-ended questions in your feed. ** In case of an assignment, providing a code snippet is mandatory."
12th Dec 2018, 5:20 AM
Babak
Babak - avatar
+ 4
Haider Javed Assuming the email client, the mail server, and network traffic haven't been compromised and everything is functioning as expected, then you won't be able to extract emails from the BCC. BCC email addresses are removed from the message envelope by the mail server and shouldn't be included in the message headers by the email client. Therefore, there would be no way of extracting addresses from the delivered emails.
12th Dec 2018, 6:32 AM
David Carroll
David Carroll - avatar
+ 2
BCC means to be hidden, cracking it is unethical act.
12th Dec 2018, 5:45 AM
Calviղ
Calviղ - avatar
+ 1
David is right. There is no information for anyone to do cracking here. Why should the mail server send and carry this hidden BCC information in the email, if it does not want to recipient to see it in the first place? I really wondering this is a course assignment from your study.. 🤣
12th Dec 2018, 7:07 AM
Calviղ
Calviղ - avatar
+ 1
Haider Javed I surely believe you now.. 😁
12th Dec 2018, 7:18 AM
Calviղ
Calviղ - avatar
+ 1
Haider Javed If by application layer you mean the mail server, then sure, you can extract the BCC from the message envelope. However, this assumes you have access to the mail server as an admin and the mail service application code and configuration.
12th Dec 2018, 7:41 AM
David Carroll
David Carroll - avatar
0
David Carroll so I cannot extract the addresses at the application layer?
12th Dec 2018, 6:42 AM
Haider Javed
Haider Javed - avatar
0
Calviղ I assure you sir this is just a course assignment.
12th Dec 2018, 7:14 AM
Haider Javed
Haider Javed - avatar
0
About email security you can read here https://powerdmarc.com/dmarc-business-case-banking/. If you still have any questions write to me a pm.
27th Jun 2020, 12:20 PM
Mikel