1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bruteforcing a email list

Discussion in 'Black Hat SEO' started by Domo_18895, Aug 10, 2013.

Tags:
  1. Domo_18895

    Domo_18895 Newbie

    Joined:
    Jan 29, 2013
    Messages:
    34
    Likes Received:
    11
    Email services can't have two people with the same username so they have to tell you whether or not the username is in use. Why not exploit this by generating random email address (ex: lastname_firstname + whatever service your targeting) and seeing if they exist.

    Seems both Gmail and Yahoo have Javascript (some sort of AJAX maybe though havent looked) running on their signup pages to tell you this automatically might be possible to find the script in the source code and roll it into a tool.

    As for Live I had to actually submit the form, with a correct Captcha, to find out if the email existed or not, but even still at DeathByCaptcha's current rates you should be able to get approx. 700-800 accounts per $1.39 (accounting for failed captchas and times when the account doesn't exist).

    you guys think it would actually work?
     
    Last edited: Aug 10, 2013
  2. jameshilton105

    jameshilton105 BANNED BANNED

    Joined:
    Feb 17, 2012
    Messages:
    215
    Likes Received:
    83
    Yeah, it is working.. but it's a very old trick and not worth your time; better up scraping emails on Google.
     
  3. dinkish

    dinkish Power Member

    Joined:
    Apr 19, 2013
    Messages:
    689
    Likes Received:
    159
    Yes, probably far cheaper and effective to scrape.

    You could look into exploiting weaknesses after the fact with who\how you send the emails as\from. A simple unsubscribe link could easily be used as a confirmation that the email address is active for instance.

    BTW, I doubt that they'd provide you with any javascript that wasn't already provided essential information server-side.
     
  4. Kerquil

    Kerquil Newbie

    Joined:
    Aug 10, 2013
    Messages:
    1
    Likes Received:
    0
    Idk seems it's probably pretty easy to implement at least on Gmail and Yahoo. Run through a few proxies and you'd probably have a sizable list in no time.
     
  5. dinkish

    dinkish Power Member

    Joined:
    Apr 19, 2013
    Messages:
    689
    Likes Received:
    159
    For Yahoo\Gmail, it's likely ajax using making a call function to server side to "immediately" inform you that the username is already taken. I wouldn't think they'd allow this from any referrer besides their own domain firstly, and I'd limit it to 10 available requests before prompting a dialog or a re-direct\captcha\verification of some sort.

    You'd probably have a better chance of integrating this with capturing a username suggestions function that a lot of account registrations have, truncating the suggestion and comparing it to the originating dictionary word that was being entered.