Author Topic: Python Bruteforce gmail  (Read 1837 times)

0 Members and 2 Guests are viewing this topic.

Offline Zman0x0

  • NULL
  • Posts: 3
  • Cookies: -2
    • View Profile
Python Bruteforce gmail
« on: February 03, 2016, 05:49:53 am »
Hello guys and girls i have been codeing in python for non-hacking purposes so far. I'm wondering what I can improve on in this is code that I have for this Bruteforce.

Any ideas and suggestion will be helpful.

http://pastebin.com/pBzva8DU

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Python Bruteforce gmail
« Reply #1 on: February 03, 2016, 02:10:53 pm »
Hello guys and girls i have been codeing in python for non-hacking purposes so far. I'm wondering what I can improve on in this is code that I have for this Bruteforce.

Any ideas and suggestion will be helpful.

http://pastebin.com/pBzva8DU
Add multithreading ,this will be slow as shit.
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline gray-fox

  • Knight
  • **
  • Posts: 208
  • Cookies: 52
    • View Profile
Re: Python Bruteforce gmail
« Reply #2 on: February 03, 2016, 02:47:40 pm »
Also OP,  this wouldn't work with gmail AFAIK. Account you try to access needs to have "less secure apps" -option enabled in google settings and most likely very few people have it enabled. To login/trying login without "less secure apps" -option, SASL XOAuth2 needs to be used.
« Last Edit: February 03, 2016, 06:07:51 pm by gray-fox »

Offline flowjob

  • Knight
  • **
  • Posts: 327
  • Cookies: 46
  • Pastafarian
    • View Profile
Re: Python Bruteforce gmail
« Reply #3 on: February 03, 2016, 06:50:14 pm »
Well, the biggest problem would be that the servers will block you after too many failed authentication attempts...
Quote
<phil> I'm gonna DDOS the washing machine with clothes packets.
<deviant_sheep> dont use too much soap or youll cause a bubble overflow

Offline Zman0x0

  • NULL
  • Posts: 3
  • Cookies: -2
    • View Profile
Re: Python Bruteforce gmail
« Reply #4 on: February 04, 2016, 12:36:14 am »
Well this work as fast or at all. I did a little bit of looking around. Im going to be putting this one away and starting fresh. Ill take y'alls comments and add what y'all said into count.

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Python Bruteforce gmail
« Reply #5 on: February 04, 2016, 08:28:32 pm »
Well, the biggest problem would be that the servers will block you after too many failed authentication attempts...
No shortage of IP addresses ;)
« Last Edit: February 04, 2016, 11:06:31 pm by proxx »
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline flowjob

  • Knight
  • **
  • Posts: 327
  • Cookies: 46
  • Pastafarian
    • View Profile
Re: Python Bruteforce gmail
« Reply #6 on: February 05, 2016, 08:17:57 pm »
No shortage of IP addresses ;)

I doubt that they do not count failed login attempts across servers.. Otherwise bruteforcing would be too easy/possible.
Quote
<phil> I'm gonna DDOS the washing machine with clothes packets.
<deviant_sheep> dont use too much soap or youll cause a bubble overflow

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: Python Bruteforce gmail
« Reply #7 on: February 05, 2016, 09:01:28 pm »
Most email providers won't just restrict the IP, but lock out the account,  gmail included.

To unlock it they require you to reset the password based on your settings for either an alternate email, security questions, phone verification, etc.

Furthermore services like gmail will email yourself and other associated accounts if someone does get in.

Bruteforcing email addresses are like so 1990s
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
    • View Profile
Re: Python Bruteforce gmail
« Reply #8 on: February 12, 2016, 05:29:52 pm »
Python2 fucktard, everything hardcoded. if i dare....
If you can't explain it to a 6 year old, you don't understand it yourself.
http://upload.alpha.evilzone.org/index.php?page=img&img=GwkGGneGR7Pl222zVGmNTjerkhkYNGtBuiYXkpyNv4ScOAWQu0-Y8[<NgGw/hsq]>EvbQrOrousk[/img]

Offline neoxquick

  • /dev/null
  • *
  • Posts: 9
  • Cookies: -6
    • View Profile
Re: Python Bruteforce gmail
« Reply #9 on: February 13, 2016, 11:39:23 pm »
With this kind of code.. you will get ban soon.. or at least you IP.. bruteforcing password server site is stupid..

there are better ways you can do it..


bye N

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
    • View Profile
Re: Python Bruteforce gmail
« Reply #10 on: February 14, 2016, 07:53:29 am »
With this kind of code.. you will get ban soon.. or at least you IP.. bruteforcing password server site is stupid..
there are better ways you can do it..
Yes @neoxquick, i am gonna sit here and hope you come online before my girlfriend takes me for valentine and you explain other ways....?
If you can't explain it to a 6 year old, you don't understand it yourself.
http://upload.alpha.evilzone.org/index.php?page=img&img=GwkGGneGR7Pl222zVGmNTjerkhkYNGtBuiYXkpyNv4ScOAWQu0-Y8[<NgGw/hsq]>EvbQrOrousk[/img]

Offline neoxquick

  • /dev/null
  • *
  • Posts: 9
  • Cookies: -6
    • View Profile
Re: Python Bruteforce gmail
« Reply #11 on: February 25, 2016, 10:28:24 am »
Before starting to think about hacking something like gmail you have to know your limitations. Bruteforcing or attacking server side login system via bruteforce by its known to be stupid idea.. Why? Since everyone since year 1990 knows that site's block/ban ip's and accounts on which more then 5 wrong attempts have been made. So you ask me how? One way is by spreading keyloger on user computer. But of course here you will face with a problem of proper distribution or malware detection.
There are alwasy ways to bypass improper login system without actually need of using correct password.... like with SQL injection, XSS,, and so.. on..

Bruteforcing now days is more or less done on client side attack.... not server side. That is the reason why i think your source code is of no use...


bye N
« Last Edit: February 25, 2016, 10:30:13 am by neoxquick »