E-mail has become an indispensable part of our lives: business exchanges between companies, study-related exchanges between students and teachers, and personal correspondence all depend on it to a large extent. E-mail is not safe, however. Every stage of sending, transmitting and receiving a message may contain a weak link. If malicious users take advantage of these vulnerabilities, they can easily crack the account and obtain the contents of the e-mail.
The protocols commonly used for sending and receiving e-mail are SMTP and POP3. SMTP is mainly used for sending e-mail, while POP3 is mainly used for receiving it. This section mainly uses the SMTP protocol to complete the cracking of e-mail.
SMTP (Simple Mail Transfer Protocol) is a mail transfer protocol based on TCP. It is mainly used for sending mail, and its TCP port number is 25. Here, a simple manual simulation is used to briefly explain the SMTP login process.
Before the simulation, you need an account registered on an SMTP server. Common mailbox providers support the SMTP service.
If you see 235 during the login process, then the login is successful. So, let's analyze the above steps.
First, use telnet to connect to the SMTP server, for example telnet smtp.×××.com 25; that is, connect to the address of the SMTP server of ×××, specifying port 25.
Next, enter HELO smtp.×××.com, which identifies the sender.
Then enter auth login to tell the server to verify the identity. After you enter auth login, the server returns 334. The string after 334 is Base64-encoded; decoded, it reads "Username:".
Enter the Base64-encoded user name here. After you enter the user name and press Enter, another 334 is returned. The string after this 334 is again Base64-encoded, and decoded it reads "Password:".
Enter the Base64-encoded password after the Password prompt. At this point, if the user name and password are correct, 235 is returned, indicating that the login is successful.
For the simulated login, mastering these steps is enough.
When testing, if you have no Base64 encoding tool for converting strings, you can search for "base64 encoding" in a search engine; many online Base64 encoding tools are available.
With the SMTP login steps above, you can use WinSock to crack the mailbox password. To crack the mailbox password, you need to prepare four parts. The first is the cracking program, then the dictionary, and the last one is the proxy IP address pool.
The cracking program is a program we write ourselves. The dictionary is used to test various passwords. The proxy IP address pool is needed mainly because the mail server may limit the number of failed logins: after N failed login attempts the IP address may be locked, and some servers even lock the account. These limits belong to the security policy configured on the server. Our main task is to write the cracking program; the other parts are not covered here and are left to readers to explore on their own.
When writing the program yourself, two aspects need to be considered: one is using WinSock to communicate with the SMTP server, and the other is converting the user name or password into Base64 encoding.
During transmission, mail is encoded to some extent, either to make the transfer more resistant to interference or for the sake of security. The most common encoding method is Base64. Its encoding and decoding algorithms are very simple, and the length after encoding is 34% of the length before encoding.
Base64 is an encoding algorithm, sometimes also called Base64 encryption. In fact, it is not an encryption algorithm: there is no key, and it merely rearranges the encoding format of the characters.
The Base64 encoding rule uses a specific set of 65 characters: 6 bits can represent 64 characters, and the 65th character, "=", marks a special processing step. Encoding takes 24 bits as an input group and outputs 4 encoded characters. The 24 bits consist of three 8-bit bytes taken from left to right and are divided into 4 groups of 6 bits each; two 0 bits are added in front of each group to form a number between 0 and 63. The corresponding character is then looked up by this number in the Base64 character table, shown in Table 9-3. The encoded stream must strictly follow this order (from left to right); otherwise it has no meaning (an encoding that does not conform to the specification is meaningless).
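The encoding rule above and the 334 prompts from the login walkthrough, as an added C example that is not code from the original page: it implements the 24-bit grouping directly and decodes the two server prompts without any key, which is why credentials sent with AUTH LOGIN over an unencrypted connection are readable by anyone who can see the traffic. The two prompt strings are the standard AUTH LOGIN challenges; the address alice@example.test is a constructed sample.

```c
#include <stdio.h>
#include <string.h>
/* 64-character Base64 alphabet; '=' (the 65th character) is padding only. */
static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Encode n bytes; out needs 4*((n+2)/3)+1 bytes. Returns encoded length. */
size_t b64_encode(const unsigned char *in, size_t n, char *out)
{
    size_t o = 0;
    for (size_t i = 0; i < n; i += 3) {
        size_t rem = n - i;                            /* bytes left */
        unsigned long g = (unsigned long)in[i] << 16;  /* 24-bit input group */
        if (rem > 1) g |= (unsigned long)in[i + 1] << 8;
        if (rem > 2) g |= in[i + 2];
        out[o++] = B64[(g >> 18) & 0x3F];              /* 6-bit indexes 0..63 */
        out[o++] = B64[(g >> 12) & 0x3F];
        out[o++] = rem > 1 ? B64[(g >> 6) & 0x3F] : '=';
        out[o++] = rem > 2 ? B64[g & 0x3F] : '=';
    }
    out[o] = '\0';
    return o;
}

/* Decode; out needs 3*strlen(in)/4+1 bytes. Returns byte count, -1 if invalid. */
int b64_decode(const char *in, unsigned char *out)
{
    unsigned long g = 0;
    int bits = 0, o = 0;
    for (; *in && *in != '='; in++) {
        const char *p = strchr(B64, *in);
        if (!p) return -1;                   /* character outside the alphabet */
        g = (g << 6) | (unsigned long)(p - B64);
        if ((bits += 6) >= 8)                /* a full byte is available */
            out[o++] = (unsigned char)(g >> (bits -= 8));
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    char enc[64];
    unsigned char user[16], pass[16];
    b64_decode("VXNlcm5hbWU6", user);        /* the two 334 prompts */
    b64_decode("UGFzc3dvcmQ6", pass);
    b64_encode((const unsigned char *)"alice@example.test", 18, enc); /* constructed */
    printf("%s %s alice@example.test -> %s\n", user, pass, enc);
    return 0;
}
```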