Let's get started!
Step 1: Download Bash!
We will be using a script stored in this location, so you will have to download the script.
Click here
And after you got it, make sure it is in the root directory. Not on your desktop, but in /root.
Now, I am going to explain how the script works.
#! /bin/bash simply means that everything is in bash.
echo simply means to tell the computer to say something. For example, echo Hello World means to tell the computer to output Hello World.
read is asking for user input. this will then store your input into a variable. read email would mean for you to enter something, and it will be stored into the email.
hydra -S -l $email -P $wordlist -e ns -V -s 465 $smtp smtp is the THC Hydra command which will help brute-force the email address. As you may tell, there are some parameters with a $. This is the variable with stored values you previously input in the read command.
Step 2: Permissions
The file you have saved (in root, right?) only has read and write permissions. This means you cannot execute it.Let's open up Terminal. Type in
chmod a+x yourscript.sh (ofc replace your script with the name you actually gave to the bash file)
Step 2: Execute!
Now we can finally use it!In terminal, let's type
./smtphook.sh
It's working!
The script is self-explanatory. Type in the SMTP service of the target's email, where smtp.gmail.com is Gmail. After that, you provide the gmail account, such as johndoe@gmail.com and give a wordlist directory, which you can find some default ones in the /usr/share/wordlists directory, or you can create your own with Crunch or CUPP.
For cfreating a custom wordlist, read:
No comments:
Post a Comment