Results 1 to 7 of 7

Thread: Brute Forcing smtp with Hydra

  1. #1

    Brute Forcing smtp with Hydra

    Hello, I have had this problem for sometime when ever I run a wordlist in hydra against my Gmail account it keeps giving me a false password.
    I have done some research and it seems that google blocks your ip when ever you try to log in multiple time..ext

    This is the command I run
    hydra -S -l (Username) -P (wordlist) -e ns -V -s 465 smtp
    So the question is is there anyway to run hydra through tor?
    I have tried using proxychains but when ever I do all the proxy's time out. But when I check them by open iceweasel there fine.
    Is there something I dont know about proxychains and hydra?
    Also another thing is even though this is a whole new subject on it self. Is how to I run everything through tor?

    Thanks you for taking your time and reading.
    Any help would be awesome and much appreciated.

  2. #2
    Join Date
    You know bruteforcing a gmail account is not really going to work, its much easier to send a keylogger, special website or something of that nature than trying to crack the account.

  3. #3
    Join Date
    Quote Originally Posted by AnonymousFigure View Post
    Also another thing is even though this is a whole new subject on it self. Is how to I run everything through tor?
    Don't. Tor only handles TCP packets. You will either break or lose the functionality of a number of programs if you don't know how to use them. You are better using Tor on an as needed basis. A simple way to do the following:

    1. Add "DNSPort 53" to your /etc/tor/torrc file. This sets Tor to listen for DNS queries on the standard port on your local machine and tye "service tor restart".
    2. Make a script to toggle the use of your ISP or local Tor DNS server. To prevent DNS leaks and use Tor to resolve DNS, edit /etc/resolv.conf to contain "nameserver".
    3. Edit /etc/proxychains.conf and place a "#" in front of "proxy_dns". You will not need proxychains to handle DNS for you since Tor ill be doing that.
    4. Use your tools with proxychains in a way that works with Tor.

  4. #4
    Thanks guys for the help.
    @Ancaglon Thanks thats what I thought. So is there any way to brute force a email account?
    @hot Thank you for your reply. I will try this method. I am also pretty new to Kali so I still need learn a little more before I try your method. When I do I will get back to you if I have any problems.
    I really appreciate everyones help.

  5. #5
    Anonymous, did you find some answer to your questions?

  6. #6
    Dude be careful. You shouldn't be messing with servers that you do not have written permission to mess with. Often leads into trouble. Anyone helping you can also be considered an accomplice.

  7. #7
    Join Date
    When i try to attack my email, it does give my a "password"

    �z�]�Q�C���,�H(J,e�y|�o���]��'9����H�:���A������T����$*���8�6Q&���fn|-�k�2�Im��6u�tbW"v]�~�*��X<l}�bb.����//(;C �sh#�B��w�����M�����Q?Rc�>�{��B���q\��w���1n�$ �=<�8v~�7+�q�p�s;�DH����G\��W�Yx����k#YqH ��% ���I+����%�D7(�J78�M��$�����

    ^ thats what I get. Any fixes for that?

Similar Threads

  1. Wpscan brute-forcing problems with security plugins
    By kr4ft3r in forum General Archive
    Replies: 0
    Last Post: 2014-01-15, 00:37

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts